Compare commits

..

81 Commits

Author SHA1 Message Date
Peter Korsgaard cae46d7b8d Update for 2017.02.3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-02 11:08:48 +02:00
Peter Korsgaard c936931493 linux-headers: bump 3.18.x version
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:45:17 +02:00
Daniel Sabogal a3f1167c5d bash: disable bash malloc by default
Bash's malloc relies on sbrk which is implemented as a fail-only stub in
musl. Presently, it is disabled when configured for static
libs. Instead, default to using libc malloc.

Fixes:

  # bash
  bash: xmalloc: locale.c:81: cannot allocate 18 bytes (0 bytes allocated)

Signed-off-by: Daniel Sabogal <dsabogalcc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 43552504c8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:43:59 +02:00
Romain Naour 15391f30f7 package/hans: fix build failures with high 'make -j' values
The top-level doesn't handle correctly the build dependencies
between .o files.

Since hans doesn't take too many time to build, just use MAKE1.

Fixes:
http://autobuild.buildroot.net/results/d14/d142f4a439d4d5fcc89865abde3e593c45ad5d96
http://autobuild.buildroot.net/results/28e/28ed230e40cc154db9274f9765085cd7f0eee85a
http://autobuild.buildroot.net/results/900/9008c3be3bcf46f0fc21a34f48e3cf9da1397d9a

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 17aa47fa2c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:43:00 +02:00
Peter Korsgaard e67d4c0c3f sudo: add upstream security patch for CVE-2017-1000367
CVE-2017-1000367 - Potential overwrite of arbitrary files on Linux

On Linux systems, sudo parses the /proc/[pid]/stat file to determine the
device number of the process's tty (field 7).  The fields in the file are
space-delimited, but it is possible for the command name (field 2) to
include spaces, which sudo does not account for.  A user with sudo
privileges can cause sudo to use a device number of the user's choosing by
creating a symbolic link from the sudo binary to a name that contains a
space, followed by a number.

If SELinux is enabled on the system and sudo was built with SELinux support,
a user with sudo privileges may be able to to overwrite an arbitrary file.
This can be escalated to full root access by rewriting a trusted file such
as /etc/shadow or even /etc/sudoers.

For more details, see: https://www.sudo.ws/alerts/linux_tty.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit fddb760946)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:42:25 +02:00
Bernd Kuhls e73a40c41c linux-headers: bump 4.1.x series
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8e0cb0c12d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:41:46 +02:00
Peter Korsgaard 8bba6f823e strongswan: add upstream security patches
Fixes:

CVE-2017-9022 - RSA public keys passed to the gmp plugin aren't
validated sufficiently before attempting signature verification, so that
invalid input might lead to a floating point exception and crash of the
process.  A certificate with an appropriately prepared public key sent by a
peer could be used for a denial-of-service attack.

https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-%28cve-2017-9022%29.html

CVE-2017-9023 - ASN.1 CHOICE types are not correctly handled by the ASN.1
parser when parsing X.509 certificates with extensions that use such types.
This could lead to infinite looping of the thread parsing a specifically
crafted certificate.

https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-%28cve-2017-9023%29.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit e43efb9b65)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:40:50 +02:00
Romain Naour 9bc38c800d package/madplay: add custom libtool patch
madplay use a libtool script in version 1.5.2 but the libtool patch
"buildroot-libtool-v1.5.patch.patch" doesn't apply.

From [1]:
"It's libtool dropping -static. That's because madplay has a
weird version of libtool, on which our libtool patch doesn't apply so
we have MADPLAY_LIBTOOL_PATCH = NO. Therefore, the hack we have that
makes libtool -static behave like -all-static isn't applied, causing
this build failure."

Fixes:
http://autobuild.buildroot.net/results/60def1b15ea61d3cb5f50e9de3f354dd2e17d270

[1] http://lists.busybox.net/pipermail/buildroot/2017-May/192959.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 2fcb07fbe3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:38:47 +02:00
Thomas Petazzoni 48a2866ba3 toolchain-external: adjust musl dynamic linker symlink for mips-sf
The external toolchain code has some logic to calculate the correct name
for the dynamic linker symbolic link that needs to be created when the
musl C library is being used. There was already some handling for the
mipsel+soft-float case, but not for the mips+soft-float case. Due to
this, the symbolic link was incorrectly named, and programs were
referencing an non-existing file.

Reported-by: Florent Jacquet <florent.jacquet@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit a6a4a8b2ef)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:37:37 +02:00
Peter Korsgaard 4174cdd16f libtasn1: security bump to version 4.12
Fixes CVE-2017-7650: Two errors in the "asn1_find_node()" function
(lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to
cause a stacked-based buffer overflow by tricking a user into processing a
specially crafted assignments file via the e.g.  asn1Coding utility.

For more details, see:

https://secuniaresearch.flexerasoftware.com/secunia_research/2017-11/

Or the 1.4.11 release mail (no mail about 1.4.12, but identical to 1.4.11 +
a soname fix):

https://lists.gnu.org/archive/html/help-libtasn1/2017-05/msg00003.html

Remove 0001-configure-don-t-add-Werror-to-build-flags.patch and autoreconf
as that patch is now upstream.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2fb7cbeb74)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:35:46 +02:00
Peter Korsgaard 5ee60e23e3 mosquitto: security bump to version 1.4.12
Fixes CVE-2017-7650: Pattern based ACLs can be bypassed by clients that set
their username/client id to ‘#’ or ‘+’.  This allows locally or remotely
connected clients to access MQTT topics that they do have the rights to.
The same issue may be present in third party authentication/access control
plugins for Mosquitto.

For more details, see:
https://mosquitto.org/2017/05/security-advisory-cve-2017-7650/

Remove 0001-Remove-lanl-when-WITH_ADNS-is-unset.patch as that patch is now
upstream.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 9e9dee2534)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:35:08 +02:00
Fabrice Fontaine 3f7bfc36b3 mosquitto: enable WITH_ADNS for glibc builds
WITH_ADNS option has been added in version 1.4.11

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f78b2c13d1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:35:01 +02:00
Fabrice Fontaine 79e3be0f66 mosquitto: bump to version 1.4.11
- This version requires a patch (sent upstream) to remove -lanl from
all Linux builds as this library is only needed for adns support
 - sha512 must be computed locally as eclipse.org does not give it for
this version

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d098e18d14)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:34:50 +02:00
Baruch Siach f4fc3fdc4d elfutils: security bump to version 0.169
Fixes a number of security issues: CVE-2017-7607, CVE-2017-7608,
CVE-2017-7609, CVE-2017-7610, CVE-2017-7611, CVE-2017-7612, CVE-2017-7613.

Rebase patches, and convert to git format.

Remove --disable-werror; unrecognized configure option.

Use upstream provided hash.

Cc: Stefan Fröberg <stefan.froberg@petroprogram.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 27e0626e99)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:34:09 +02:00
Bernd Kuhls bac5ca752b package/samba4: security bump to version 4.5.10
Fixes CVE-2017-7494:
https://www.samba.org/samba/history/samba-4.5.10.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 12687c5c76)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:32:27 +02:00
Romain Naour f287506b13 package/google-breakpad: use PRE_CONFIGURE hooks to copy linux_syscall_support.h
As reported by Bernd [1], using POST_EXTRACT to copy
linux_syscall_support.h break the legal-info target when
google-breakpad package is selected:

/usr/bin/install: cannot stat '/home/bernd/buildroot/buildroot/output/ost/usr/i586-buildroot-linux-uclibc/sysroot/usr/include/linux_syscall_support.h': No such file or directory

This is because linux_syscall_support.h is installed by a dependency
of google-breakpad, and dependencies are only guaranteed to be
available for the configure step of a package. To fix this, we use a
PRE_CONFIGURE hook instead of POST_EXTRACT hook.

[1] http://lists.busybox.net/pipermail/buildroot/2017-May/192844.html

Reported-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 557f8d649d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:31:24 +02:00
Bernd Kuhls bfb0dda700 package/ftop: Fix broken download URL
Also use bz2 tarball and provide md5 & sha256 hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit d35b447f09)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:30:40 +02:00
Bernd Kuhls d9ed7236ff package/armadillo: fix download URL
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 96f3ae6c24)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:30:02 +02:00
Bernd Kuhls 9af8504a4d package/libev: fix download URL
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 3f0cdaad8b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:29:17 +02:00
Bernd Kuhls a40c4d70ed package/mxml: fix download URL
The project moved to github, the current download URL is broken:

$ wget -q  http://www.msweet.org/files/project3/mxml-2.10.tar.gz
$ file mxml-2.10.tar.gz
mxml-2.10.tar.gz: HTML document, UTF-8 Unicode text, with very long lines

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit eca61c93d5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:28:32 +02:00
Bernd Kuhls 5d0dc5fc6b package/libmicrohttpd: security bump version to 0.9.55
For details refer to release notes:
http://lists.gnu.org/archive/html/info-gnu/2017-05/msg00014.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 8225042e0e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:27:13 +02:00
Bernd Kuhls 667c418a24 package/redis: fix static linking with libatomic
Fixes
http://autobuild.buildroot.net/results/7f1/7f1ecccbfdb6bd95824d9c884f1577e71e0e1e09/
http://autobuild.buildroot.net/results/c0b/c0b1bdcc5fbddf8b996b923015184d753882d4b8/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas:
 - improve comment to explain the fix
 - remove useless LDFLAGS related code]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 019ad60567)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:24:40 +02:00
Bernd Kuhls 567d01e0dc package/flashrom: security bump to version 0.9.9
Fixes buffer overflow:
https://mail.coreboot.org/pipermail/flashrom/2016-March/014523.html

Removed patch 0002-sys-io.h.patch, not needed anymore, hwaccess.h now
contains a similar fix:

  elif defined(__linux__) || defined(__GLIBC__)

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit db55de2b42)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:21:58 +02:00
Bernd Kuhls b1206d48d4 package/audiofile: Fix static linking with libsndfile
Fixes mpd:
http://autobuild.buildroot.net/results/799/7997ccd698f03885f98d00bd150dc3a578e4b161/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit a7777eecd4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:20:51 +02:00
Bernd Kuhls ff08ec1982 package/audiofile: add security fix
Fixes CVE-2015-7747

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit a2ad9cf71d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:20:20 +02:00
Romain Naour 664322444d package/dhcp: create tmpfiles.d directory
dhcp.mk tries to create dhcp.conf in a non-existant directory.

Fixes:
http://autobuild.buildroot.net/results/40e/40e48f74b586ce380766cf31473932e43090671e

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 6ddab6c28e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:19:30 +02:00
Bernd Kuhls 2b8cdf212d package/popt: fix libiconv dependency
Make sure that libiconv is built before popt when needed.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit da5816561b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:18:56 +02:00
Bernd Kuhls 0528344f31 linux-headers: bump 4.{4, 9, 11}.x series
[Peter: drop 4.10.x / 4.11.x bump]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit f19a4433d4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:17:07 +02:00
Dustin Johnson 60dc5bd64f mono: remove copy of host etc files on install
When the mono package is installed, the autotools installer installs
the /etc/mono files to the target. A post_install hook then copies
over the mono libraries to the target as well as the host /etc/mono
files which overrides the target files. The target specific mono
configuration file (/etc/mono/config) is overridden with the host
settings. This causes mono on the target to be unable to locate target
specific .so files as it overrides the changes enacted by the patches
for the package.

Signed-off-by: Dustin Johnson <dustin.r.johnson@gmail.com>
Tested-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Reviewed-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Acked-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 675101b0fe)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:13:46 +02:00
Dustin Johnson ae353794f0 mono: remove nonexistent configure options
The .mk file for the mono package contains out of date configuration
options. The --disable-gtk-doc option is no longer available in
configure. Moonlight is no longer supported in Mono and the
--with-moonlight=no option is no longer required.

Signed-off-by: Dustin Johnson <dustin.r.johnson@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 2ba4fee836)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:13:38 +02:00
Baruch Siach ca4feb4193 toolchain: disable PIE for static build with musl
As mentioned in commit 3c93901bcd (toolchain: add hidden symbol for PIE
support), support for static PIE using musl requires a gcc patch[1]. Buildroot
doesn't carry this patch. Don't enable BR2_TOOLCHAIN_SUPPORTS_PIE in static
build with musl.

Fixes:
http://autobuild.buildroot.net/results/d19/d19bcfcfb33cc5f5b082b97bbd5852d479823b97/
http://autobuild.buildroot.net/results/91f/91f7c6954c337b03f5ac141050d9b1bee1623376/
http://autobuild.buildroot.net/results/996/996116da9241686110b9525eed08cc5acfd379a6/

[1] https://github.com/richfelker/musl-cross-make/blob/b854a42fc1ea19b8c4ec7104848f9d1a6d7995f0/patches/gcc-6.3.0/0010-static-pie-support.diff

Acked-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit fa397537bb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:11:50 +02:00
Peter Korsgaard f459be48e0 libminiupnpc: add upstream security fix for CVE-2017-8798
CVE-2017-8798: Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221
through v2.0 allows remote attackers to cause a denial of service or
possibly have unspecified other impact.

For more details including a PoC, see:
https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-8798

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a0c4cf0f96)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:07:26 +02:00
Ryan Coe 68abab0fcf mariadb: security bump to version 10.1.23
Fixes:

CVE-2017-3302 - Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and
5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29,
10.1.x through 10.1.21, and 10.2.x through 10.2.3.

CVE-2017-3313 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: MyISAM). Supported versions that are affected are
5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to
exploit vulnerability allows low privileged attacker with logon to the
infrastructure where MySQL Server executes to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized access
to critical data or complete access to all MySQL Server accessible data.

CVE-2017-3308 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: DML). Supported versions that are affected are 5.5.54
and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable"
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server. While the vulnerability is
in MySQL Server, attacks may significantly impact additional products.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS) of
MySQL Server.

CVE-2017-3309 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Optimizer). Supported versions that are affected are
5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily
"exploitable" vulnerability allows low privileged attacker with network
access via multiple protocols to compromise MySQL Server. While the
vulnerability is in MySQL Server, attacks may significantly impact
additional products. Successful attacks of this vulnerability can result
in unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.

CVE-2017-3453 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Optimizer). Supported versions that are affected are
5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily
"exploitable" vulnerability allows low privileged attacker with network
access via multiple protocols to compromise MySQL Server. Successful attacks
of this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.

CVE-2017-3456 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: DML). Supported versions that are affected are 5.5.54
and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable"
vulnerability allows high privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.

CVE-2017-3464 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: DDL). Supported versions that are affected are 5.5.54
and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable"
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized update, insert or delete access to
some of MySQL Server accessible data.

And a number of important, but non-security related fixes:

MDEV-12602: Fixed some race conditions in InnoDB encryption

MariaDB Backup alpha introduced

Galera wsrep library updated to 25.3.20

For details, see the release notes:
https://mariadb.com/kb/en/mariadb/mariadb-10123-release-notes/

[Peter: drop COPYING.LESSER and add a reference to the bugtracker issue
	explaining why]
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e6213e8ee6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:06:13 +02:00
Peter Korsgaard bdf7dc37a2 dropbear: security bump to version 2017.75
Fixes:

- CVE-2017-9078: A double-free in the server could be triggered by an
  authenticated user if dropbear is running with -a (Allow connections to
  forwarded ports from any host) This could potentially allow arbitrary code
  execution as root by an authenticated user.  Affects versions 2013.56 to
  2016.74.  Thanks to Mark Shepard for reporting the crash.

- CVE-2017-9079: Dropbear parsed authorized_keys as root, even if it were a
  symlink.  The fix is to switch to user permissions when opening
  authorized_keys.
  A user could symlink their ~/.ssh/authorized_keys to a root-owned file
  they couldn't normally read.  If they managed to get that file to contain
  valid authorized_keys with command= options it might be possible to read
  other contents of that file.  This information disclosure is to an already
  authenticated user.  Thanks to Jann Horn of Google Project Zero for
  reporting this.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8644a83bd8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:03:50 +02:00
Peter Korsgaard 4f0203891a linux-headers: bump 4.{4, 9, 10, 11}.x series
[Peter: drop 4.10.x / 4.11.x bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit daf1c35025)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:02:57 +02:00
Baruch Siach 9ebf2c4848 toolchain: limit musl workaround to kernel headers 3.12+
The libc-compat.h first appeared in kernel version 3.12. Trying to build a
musl toolchain using earlier headers leads to the following failure:

/bin/sed: can't read .../output/host/usr/arm-buildroot-linux-musleabi/sysroot/usr/include/linux/libc-compat.h: No such file or directory
package/pkg-generic.mk:266: recipe for target '.../output/build/toolchain/.stamp_staging_installed' failed

Don't apply the sed patch to older headers.

Reported-by: Florent Jacquet <florent.jacquet@free-electrons.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4d1c2c82e8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:01:13 +02:00
Thomas Petazzoni 5e44457add cppcms: fix build on machines with libgpg-error installed
In configuration where target architecture == host architecture, and
libgpg-error is installed system-wide with development files, the build
of cppcms fails with:

/home/test/buildroot/output/host/usr/bin/x86_64-amd-linux-gnu-g++  --sysroot=/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot  -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -Wall -Wextra  -DNDEBUG   CMakeFiles/base64_test.dir/tests/base64_test.cpp.o  -o base64_test  -L/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib -Wl,-rpath,/home/test/buildroot/output/build/cppcms-1.0.5:/home/test/buildroot/output/build/cppcms-1.0.5/booster:/usr/lib -rdynamic libcppcms.so.1.0.5 booster/libbooster.so.0.0.3 -lpthread /home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libpcre.so /home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so /home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libdl.so /home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libz.so
/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so: undefined reference to `gpg_err_set_errno@GPG_ERROR_1.0'
/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so: undefined reference to `gpgrt_lock_init@GPG_ERROR_1.0'
/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so: undefined reference to `gpgrt_lock_destroy@GPG_ERROR_1.0'
/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so: undefined reference to `gpg_err_code_from_syserror@GPG_ERROR_1.0'
/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so: undefined reference to `gpg_err_code_from_errno@GPG_ERROR_1.0'
/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so: undefined reference to `gpgrt_lock_unlock@GPG_ERROR_1.0'
/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so: undefined reference to `gpg_strerror@GPG_ERROR_1.0'
/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so: undefined reference to `gpg_strsource@GPG_ERROR_1.0'
/home/test/buildroot/output/host/usr/x86_64-buildroot-linux-gnu/sysroot/usr/lib/libgcrypt.so: undefined reference to `gpgrt_lock_lock@GPG_ERROR_1.0'

The problem comes from the
"-Wl,-rpath,/home/test/buildroot/output/build/cppcms-1.0.5:/home/test/buildroot/output/build/cppcms-1.0.5/booster:/usr/lib"
option, which tells the linker to search for libraries in /usr/lib.

This commit fixes that by asking CMake to not add any rpath when
building cppcms.

Fixes:

  http://autobuild.buildroot.net/results/a7eb1ede552ae14f409cfd7bd877bcf25ca69a74/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 15423bd46e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 15:59:35 +02:00
Thomas Petazzoni 6acc39ae87 oracle-mysql: add patch to fix gcc 6.x build issue
Fixes:

 http://autobuild.buildroot.net/results/61074b69b81cd5c17a7f74dc1f7b31f3fc35fd8a/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 19e78e509e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 15:58:29 +02:00
Romain Naour d526cd57c0 package/gdb: fix gnulib issue with musl and uClibc toolchains (finally)
The previous fix [1] reinroduced the issue fixed by [2].
So keep gl_cv_func_gettimeofday_clobber=no in GDB_CONF_ENV
and GDB_MAKE_ENV.

Fixes:
http://autobuild.buildroot.net/results/ec6/ec60d436bd34a4f37b664e4124d7f0c96e90a1be

[1] faf38b78ae
[2] 560334bb2a

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 2530fe810e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-31 12:12:53 +02:00
Peter Korsgaard e75f4d6f63 fbgrab: explicitly build fbgrab target to workaround gzip issue
Fixes #9871

gzip reads default command line options from the environment variable GZIP.
The fbgrab Makefile internally also uses a GZIP make variable to know what
command to use to compress the manpage. Unfortunaly make will export the
value of this make variable to the environment if GZIP is already present in
the enviroment, confusing gzip (as 'gzip' isn't a valid command line argument).

This can either be triggered by users having GZIP set in their environment
(E.G.  for custom options), or by enabling BR2_REPRODUCIBLE, where we use
this feature to force the -n option (to not store name/timestamp) to gzip.

We don't really need to compress the manpage as it isn't installed anyway,
so work around the issue by only building the fbgrab application.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit be8d1efd1e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-17 22:46:06 +02:00
Thomas Petazzoni 4ff1bf944f ntp: add patch to fix -fPIC issue
This commit adds a patch that fixes the build on AArch64 and MIPS of the
ntp package, which was caused by some parts of ntp being built without
-fPIC.

Fixes:

  [aarch64] http://autobuild.buildroot.net/results/866b1d28595efd8b6becf83d0a64b596538d58b0
  [mips]    http://autobuild.buildroot.net/results/c2a945855172970736a8ffea9c564f029a023344

Thanks to Romain Naour for the initial analysis.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 7fde83cdf0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-17 22:45:25 +02:00
Bartosz Golaszewski 731997c0e1 package/pulseview: fix a build issue
Backport an upstream patch fixing the build issue related to boost
math definitions.

Fixes:
http://autobuild.buildroot.net/results/e9f/e9f3f175e203529c44ecf92a34b82a0b3a473e34/

Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f884abe4de)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-17 22:43:50 +02:00
Thomas Petazzoni fdd9db2fae rabbitmq-c: openssl/popt sub-options don't work in static linking
rabbitmq-c currently fails to build in a number of static linking
situations, due to two issues:

 - CMake FindOpenSSL module is buggy. Even though it uses pkg-config,
   it doesn't use the information returned by pkg-config, and
   therefore doesn't know about second order libraries that need be
   part of the link for static linking to succeed. Due to this, -lz is
   not passed, and therefore rabbitmq-c fails when linking against
   libssl/libcrypto. This issue has been reported to upstream CMake at
   https://gitlab.kitware.com/cmake/cmake/issues/16885.

 - popt might use libintl, but CMake doesn't know about that. For
   autotools based packages, we typically work around this by passing
   LIBS=, but CMake apparently has no equivalent to LIBS=.

To workaround this, we only use the OpenSSL and Popt optional
dependencies in dynamic linking situations.

Fixes:

  http://autobuild.buildroot.net/results/798dbe5e5fd0463bb2066cb115656795144c327f/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit beb6524225)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-17 22:43:07 +02:00
Peter Korsgaard c554c84ec1 git: security bump to version 2.12.3
Fixes CVE-2017-8386 - Git Shell Bypass By Abusing Less

For more details, see:
https://insinuator.net/2017/05/git-shell-bypass-by-abusing-less-cve-2017-8386/
http://www.mail-archive.com/git@vger.kernel.org/msg120982.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 4a146b933e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-17 22:40:10 +02:00
Vicente Olivert Riera 9f69fa3ade git: bump version to 2.12.2
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 3967abfc89)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-17 22:40:01 +02:00
Vicente Olivert Riera 3e00574559 git: bump version to 2.12.1
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit cbb23d5d05)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-17 22:39:27 +02:00
Vicente Olivert Riera 6217600a81 git: bump version to 2.12.0
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 941dc2ac8c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-17 22:39:04 +02:00
Peter Korsgaard 9737f2b9fa rtmpdump: security bump to current HEAD
Fixes:

- CVE-2015-8271: The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows
  remote RTMP Media servers to execute arbitrary code
  https://www.talosintelligence.com/reports/TALOS-2016-0067/

- CVE-2015-8272: RTMPDump 2.4 allows remote attackers to trigger a denial of
  service (NULL pointer dereference and process crash).
  https://www.talosintelligence.com/reports/TALOS-2016-0068/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 4ebd2fa277)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-17 22:37:24 +02:00
Peter Korsgaard e8a44eb7e5 rpcbind: add upstream security fix for CVE-2017-8779
CVE-2017-8779: rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc
through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC
data size during memory allocation for XDR strings, which allows remote
attackers to cause a denial of service (memory consumption with no
subsequent free) via a crafted UDP packet to port 111, aka rpcbomb.

For more details, see:
https://guidovranken.wordpress.com/2017/05/03/rpcbomb-remote-rpcbind-denial-of-service-patches/

Backport upstream fix to version 0.2.3 and unconditionally include syslog.h
to fix a build issue when RPCBIND_DEBUG is disabled (which it is in
Buildroot).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 954509fb84)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-17 22:36:19 +02:00
Romain Naour 8f0c43a9a6 package/faketime: fix build with gcc >= 6
Upstream added -Wno-nonnull-compare to disable this error [1].

Fixes:
libfaketime.c:513:7: error : nonnull argument « buf » compared to NULL [-Werror=nonnull-compare]
    if (buf != NULL)
       ^
[1] https://github.com/wolfcw/libfaketime/commit/47e958b753fc15098a2b7d0e9ef26b83ee255874

[Peter: add upstream git commit id to patch]
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

(cherry picked from commit 2a1401fa92)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-17 22:35:31 +02:00
Vicente Olivert Riera 594b4174b2 linux-headers: bump 4.{4, 9, 10, 11}.x series
[Peter: drop 4.10.x / 4.11.x bump]
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5879cc71dd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-17 22:29:45 +02:00
Peter Korsgaard b1b2912c0b linux-headers: bump 3.18.x version to 3.18.53
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-17 22:22:42 +02:00
Romain Naour fbd7120c8a package/bluez_utils: select BR2_PACKAGE_CHECK
Commit [1] added check package to bluez_utils dependencies without
selecting it at Kconfig level.

Fixes:
Makefile:535: *** check is in the dependency chain of bluez_utils that has added it to its _DEPENDENCIES variable without selecting it or depending on it from Config.in.

[1] 8554be9f82

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 00f6de5fc7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 14:50:14 +02:00
Romain Naour 353ffb2497 package/bluez_utils: fix test build issues with musl
Add one missing header and avoid encrypt redefinition.

Fixes:
http://autobuild.buildroot.net/results/06c/06c930d9c5299b79500d018ac3fb2861ce834c7c/

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit d09d3a7fa0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 14:46:21 +02:00
Romain Naour 597cc20156 package/bluez_utils: add missing check dependency for test program
Tests are enabled since this has been introduced [1], so keep
them for now.

bluez_utils needs check tool and check if it's available [2].

[1] 06c3e21596
[2] https://git.kernel.org/pub/scm/bluetooth/bluez.git/tree/configure.ac?h=4.101#n51

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 8554be9f82)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 14:45:32 +02:00
Romain Naour 38314e4cbe package/bluez_utils: add missing host-pkgconf dependency
The configure script use pkg-config.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit d5fec33bd5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 14:11:46 +02:00
Thomas Petazzoni af6daa4cbf openblas: SPARC support is for Sparc v9
Makefile.sparc in the openblas source code passes -mcpu=v9, i.e it
assumes a SPARCv9 CPU. Therefore, this commit adjusts openblas
Config.in file so that SPARC is only used for BR2_sparc_v9.

Fixes:

  http://autobuild.buildroot.net/results/805087e87b8bb7d11adb49d9eca3959a37aca3a2/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 6714d79a22)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 14:10:24 +02:00
Yann E. MORIN f99117fd8b core/download: fix source check for git method
Running foo-source-check on packages retrieved from git fails.

This is because there is no associated stamp file, so we do not have a
rule-assignment that sets PKG for foo-source-check.

But it does not make sense to have a stamp file at all, because
source-check is not supposed to change anything: the status after is
exactly the same as before; nothing is downlaoded, so there is no
progress (whatsoever) to memorise.

Fix that by just defining PKG in the source-check rule definition.

Fixes #9796.

Reported-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 4c0aacbc31)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 14:09:04 +02:00
Yann E. MORIN 6c729c63e0 package/gpsd: do not interact with systemd on install
When building on a systemd-based host for a systemd-based target, gpsd's
buildsystem will try to tell systemd to reload the its configuration and
recreate the entire dependency tree of services.

Of course, this can not work when run as a user:
    >>> gpsd 3.16 Installing to target
    ==== AUTHENTICATING FOR org.freedesktop.systemd1.reload-daemon ===
    Authentication is required to reload the systemd state.
    Authenticating as: root
    Password:

In fact, this does not even mean anything in cross-compilation.

Fortunately, upstream has already fixed their sin, so we backport it
(tweaked to apply onto 3.16).

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 0d0fcfa443)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 14:07:03 +02:00
Bernd Kuhls 5b58f1ee72 package/vlc: security bump to version 2.2.5.1
This release contains "various security improvements in demuxers and
decoders".
Release notes: http://www.videolan.org/vlc/releases/2.2.5.html

Added all hashes provided by upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit c04fa8fad0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 14:04:37 +02:00
Thomas Petazzoni 521274cd60 kvm-unit-tests: fix build on x86-64 with specific gcc versions
kvm-unit-tests uses the following code on x86/x86-64:

static inline u64 scale_delta(u64 delta, u64 mul_frac)
{
        u64 product, unused;

        __asm__ (
                "mul %3"
                : "=d" (product), "=a" (unused) : "1" (delta), "rm" ((u64)mul_frac) );

        return product;
}

The "mul" instruction does not have a suffix that indicates the width of
the data being multiplied. When the data is passed in a register, there
is no need to specify the width, but with some gcc versions, the data is
passed as a memory reference, and therefore the assembler does not know
the width of the data to be multiplied. It causes the following build
failure:

x86/hyperv_clock.c: Assembler messages:
x86/hyperv_clock.c:21: Error: no instruction mnemonic suffix given and no register operands; can't size instruction

Since the data being multiplied is 64 bit, we explicitly specify the
instruction as being "mulq".

Fixes:

  http://autobuild.buildroot.net/results/a4a65d01f049db83a93de92660f228dd18532625/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit bdadcf593d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 14:03:22 +02:00
Baruch Siach 893da5eb46 lua: use target LDFLAGS
This adds '-static' to the link command when BR2_STATIC_LIBS=y, making the lua
binary really static.

Cc: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 7e48c82430)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 14:01:56 +02:00
Yann E. MORIN d21206802b package/efl: fix unmet dependencies
EFL's elput selects libinput but forgot to propagate its dependencies.
Which requires they be propagated further to a second sub-option, then
to a third one.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Romain Naour <romain.naour@openwide.fr>
[Thomas: fix typoes.]
[Peter: fix more typoes]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 31bd2b46a8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 14:00:01 +02:00
Baruch Siach 0a360e132b strongswan: fix crypt() redefinition
Add patch from upstream pending pull request (#72) to fix crypt() definition
conflict.

Fixes:
http://autobuild.buildroot.net/results/612/6120add5ad6e7f5d575fc2a2442cd7fe5302eb46/
http://autobuild.buildroot.net/results/ba1/ba1298e71ef28857654ae8d4593d09e4fe8cdda0/
http://autobuild.buildroot.net/results/6b9/6b928e2a6a35bfb21c792fca083bc4cbdaef9304/

Cc: Jérôme Pouiller <jezz@sysmic.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit dd24d95a76)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 13:55:23 +02:00
Bernd Kuhls 4c12eab4e7 package/linux-headers: bump 3.12.x and 4.{4, 9, 10}.x series
[Peter: drop 4.10.x bump]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit d48436c2bf)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 13:53:50 +02:00
Bernd Kuhls ab268515e0 package/openvpn: security bump to 2.4.2
Fixes CVE-2017-7478 & CVE-2017-7479:
https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit a4e5ee245e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 13:40:54 +02:00
Jeroen Roovers 655ff05b9f openvpn: Add explicit support for external lz4
2.4.0 added lz4 support. Make that choice explicit or the bundled compat-lz4
"stub" will be used.

Signed-off-by: Jeroen Roovers <jer@airfi.aero>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 65e6f6ff2a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 13:40:45 +02:00
Vicente Olivert Riera ebe3a02656 openvpn: bump version to 2.4.1
--disable-eurephia configure option doesn't exist, so remove it.

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 9ecbe727aa)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 13:40:35 +02:00
Gwenhael Goavec-Merou 40645cc665 qwt: fix build when BR2_STATIC_LIBS=y
By default, qwt build a shared library, but when BR2_STATIC_LIBS is set
compilation failed with errors like :
__uClibc_main.c:(.text+0x164): undefined reference to `__fini_array_end'
__uClibc_main.c:(.text+0x168): undefined reference to `__fini_array_start'
__uClibc_main.c:(.text+0x16c): undefined reference to `__fini_array_start'

This patch disable QwtDll to build a static library when BR2_STATIC_LIBS=y.

fix:
http://autobuild.buildroot.net/results/739/739406bb8073d1861933872a47802954d9767634/

Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 11c619058e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 13:38:34 +02:00
Vicente Olivert Riera 2fb0ed2be2 postgresql: bump version to 9.6.3 (security)
Three security vulnerabilities have been closed by this release:

CVE-2017-7484: selectivity estimators bypass SELECT privilege checks
CVE-2017-7485: libpq ignores PGREQUIRESSL environment variable
CVE-2017-7486: pg_user_mappings view discloses foreign server passwords

More details: https://www.postgresql.org/about/news/1746/

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit e2bb446ff5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 13:37:44 +02:00
Vicente Olivert Riera 5149066e59 postgresql: bump version to 9.6.2
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit cd3d6c32ca)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 13:37:35 +02:00
Vicente Olivert Riera fe43fddcfc sudo: fix static linking with openldap having openssl support
If we are building sudo statically and openldap was linked with openssl,
then when we link sudo with openldap we need to specify the openssl
libs, otherwise it will fail with "undefined reference" errors.

Fixes:
  http://autobuild.buildroot.net/results/ebb/ebbb4c3138b5023a0c8bd938db1932a25ba5b6fb/
  http://autobuild.buildroot.net/results/58e/58ee4fddea85f0c79b26582b04a573258e27eb47/
  http://autobuild.buildroot.net/results/051/05151c4ef7f0b3702a6cd5e6df4888d826a37431/
  http://autobuild.buildroot.net/results/b1d/b1dfae81985daee106700191fcb82387833c2e3f/
  http://autobuild.buildroot.net/results/5b4/5b42e8505856156389d480d0da19f6982cf120d8/
  http://autobuild.buildroot.net/results/30a/30a76190428f902f03bcf54ba9f1f4f4377c6fc9/
  http://autobuild.buildroot.net/results/e8c/e8c6bdc314b9a8d5de303633a3abd7b7e44beb2e/
  http://autobuild.buildroot.net/results/483/4830c69cc6a62080e1516f0d9009c2ba619c23c1/

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit bf899e50d8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 13:36:19 +02:00
Thomas Petazzoni 8f3915ef79 efibootmgr: backport upstream patch to fix build with gcc 6.x
efibootmgr was built with -fshort-wchar, which causes gcc to use
2-byte wchar_t instead of the normal 4-byte wchar_t. But this doesn't
work anymore with gcc 6.x, as it causes a build failure:

/home/test/autobuild/run/instance-3/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/6.3.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: warning: efibootmgr.o uses 2-byte wchar_t yet the output is to use 4-byte wchar_t; use of wchar_t values across objects may fail
/home/test/autobuild/run/instance-3/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/6.3.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: warning: efi.o uses 2-byte wchar_t yet the output is to use 4-byte wchar_t; use of wchar_t values across objects may fail
/home/test/autobuild/run/instance-3/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/6.3.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: warning: unparse_path.o uses 2-byte wchar_t yet the output is to use 4-byte wchar_t; use of wchar_t values across objects may fail

Upstream solution was do simply drop -fshort-wchar:

  https://github.com/rhinstaller/efibootmgr/commit/3466fd05c8c6f1052e0426d64eed40f8a88fd78f

So this commit simply backports this upstream patch.

Fixes:

  http://autobuild.buildroot.net/results/87c3ff2427331eb9ab31c9eb685fe80954a0a98f/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 3e254b82c7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 13:24:46 +02:00
Peter Seiderer ff1e2c2c0d qt5base: fix examples compile with disabled gui module
Fixes [1]:

  Project ERROR: Could not find feature opengl.

[1] http://autobuild.buildroot.net/results/040/040ab283dbbec623fe5ff4eaece754d9701fafc5

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 4860e05a63)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 12:15:45 +02:00
Romain Naour 21724ff539 package/ltp-testsuite: needs threads NPTL
Fixes:
http://autobuild.buildroot.net/results/3e0/3e0bbf41e339e62422463773bf07945f048a9501

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 362d185b30)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 11:46:43 +02:00
Yann E. MORIN f1d4f33bab package/libubox: fix lua module install path
The LUAPATH variable is only used when installing the lua module, and
cmake knows very well how to do out-of-tree isntalls, so there is no
reason to include the staging path in LUAPATH, which will cause our
post-install sanity checks to kick in and whine:

    libubox: installs files in /home/lhk/workspace/orangepi/host/usr/a
    rm-buildroot-linux-gnueabihf/sysroot//home/lhk/workspace/orangepi

As for libuci, just pass the runtime LUAPATH.

Fixes #9856

Reported-by: linhuikui@gmail.com
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit be3645a58a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 11:44:54 +02:00
Danomi Manchego 3858b49e93 dbus: fix dbus symlink removal
There was already a post-build hook to delete the /var/lib/dbus symlink
created by buildroot after the package's own installation, to prevent
a dbus installation error during "make dbus-rebuild".  However, this
misses the case for when one might delete the .stamp_target_installed
file manually, outside of dbus-rebuild.  This can be fixed by changing
the post-build hook to a pre-install hook.  This seems appropriate,
since it is really addressing an installation issue, not a build issue.

Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c2d6c4ac32)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 11:43:44 +02:00
Yann E. MORIN 6df3dc343f package/kyua: fix unmet dependencies
lutok is a lua module, so it depends on ! static libs. However, the
dependency is implicit, being done because the lua modules are sourced
globally under an if-block, and thus it is not easy to find that
dependency.

Propagate that dependency to kyua, which was missing it (because it is
not a lua module, so was missing the dependency).

[Peter: also update toolchain comment]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Sebastien Bourdelin <sebastien.bourdelin@savoirfairelinux.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

(cherry picked from commit a65da16f63)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-15 11:41:57 +02:00
Thomas Petazzoni 09fd512c8a nvidia-driver: use http:// instead of ftp://
Fixes the download, which currently times out on ftp://.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 2068c7c6a8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-05 21:42:20 +02:00
Peter Korsgaard f7d6bf3dda linux-headers: bump 4.{4,9,10}.x series
[Peter: drop 4.10.x bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 15a31470b0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-05 21:37:51 +02:00
Baruch Siach 4a33076ffb picocom: force target LDFLAGS
This allows a static build of picocom when BR2_STATIC_LIBS=y but the toolchain
provides static and shared libraries.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit add51b89bf)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-05 21:35:23 +02:00
89 changed files with 1737 additions and 206 deletions
+24
View File
@@ -1,3 +1,27 @@
2017.02.3, Released June 2nd, 2017
Important / security related fixes.
Download: <pkg>-source-check fixed for packages from git.
External toolchain: musl dynamic linker symlink for mips-sf
corrected.
Updated/fixed packages: armadillo, audiofile, bash,
bluez_utils, cppcms, dbus, dhcp, dropbear, efibootmgr, efl,
elfutils, faketime, fbgrab, flashrom, ftop, gdb, git,
google-breakpad, gpsd, hans, kvm-unit-tests, kyua, libev,
libmicrohttpd, libminiupnpc, libtasn1, libubox, ltp-testsuite,
lua, madplay, mariadb, mono, mosquitto, mxml, ntp,
nvidia-driver, openblas, openvpn, oracle-mysql, picocom, popt,
postgresql, pulseview, qt5base, qwt, rabbitmq-c, redis,
rpcbind, rtmpdump, samba4, strongswan, sudo, vlc
Issues resolved (http://bugs.buildroot.org):
#9796: source-check broken for Git downloads
#9871: fbgrab 1.3 won't build with BR2_REPRODUCIBLE set
2017.02.2, Released May 1st, 2017
Important / security related fixes.
+2 -2
View File
@@ -86,9 +86,9 @@ else # umask / $(CURDIR) / $(O)
all:
# Set and export the version string
export BR2_VERSION := 2017.02.2
export BR2_VERSION := 2017.02.3
# Actual time the release is cut (for reproducible builds)
BR2_VERSION_EPOCH = 1493676000
BR2_VERSION_EPOCH = 1496390000
# Save running make version since it's clobbered by the make package
RUNNING_MAKE_VERSION := $(MAKE_VERSION)
+3 -1
View File
@@ -5,7 +5,9 @@
################################################################################
ARMADILLO_VERSION = 6.500.4
ARMADILLO_SITE = http://downloads.sourceforge.net/project/arma
# upstream removed tarball from
# http://downloads.sourceforge.net/project/arma
ARMADILLO_SITE = https://ftp.fau.de/macports/distfiles/armadillo
ARMADILLO_DEPENDENCIES = clapack
ARMADILLO_INSTALL_STAGING = YES
ARMADILLO_LICENSE = MPLv2.0
+161
View File
@@ -0,0 +1,161 @@
Description: fix buffer overflow when changing both sample format and
number of channels
Origin: https://github.com/mpruett/audiofile/pull/25
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/audiofile/+bug/1502721
Bug-Debian: https://bugs.debian.org/801102
Downloaded from
https://gitweb.gentoo.org/repo/gentoo.git/tree/media-libs/audiofile/files/audiofile-0.3.6-CVE-2015-7747.patch
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
--- a/libaudiofile/modules/ModuleState.cpp
+++ b/libaudiofile/modules/ModuleState.cpp
@@ -402,7 +402,7 @@ status ModuleState::arrange(AFfilehandle
addModule(new Transform(outfc, in.pcm, out.pcm));
if (in.channelCount != out.channelCount)
- addModule(new ApplyChannelMatrix(infc, isReading,
+ addModule(new ApplyChannelMatrix(outfc, isReading,
in.channelCount, out.channelCount,
in.pcm.minClip, in.pcm.maxClip,
track->channelMatrix));
--- a/test/Makefile.am
+++ b/test/Makefile.am
@@ -26,6 +26,7 @@ TESTS = \
VirtualFile \
floatto24 \
query2 \
+ sixteen-stereo-to-eight-mono \
sixteen-to-eight \
testchannelmatrix \
testdouble \
@@ -139,6 +140,7 @@ printmarkers_SOURCES = printmarkers.c
printmarkers_LDADD = $(LIBAUDIOFILE) -lm
sixteen_to_eight_SOURCES = sixteen-to-eight.c TestUtilities.cpp TestUtilities.h
+sixteen_stereo_to_eight_mono_SOURCES = sixteen-stereo-to-eight-mono.c TestUtilities.cpp TestUtilities.h
testchannelmatrix_SOURCES = testchannelmatrix.c TestUtilities.cpp TestUtilities.h
--- /dev/null
+++ b/test/sixteen-stereo-to-eight-mono.c
@@ -0,0 +1,118 @@
+/*
+ Audio File Library
+
+ Copyright 2000, Silicon Graphics, Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+
+/*
+ sixteen-stereo-to-eight-mono.c
+
+ This program tests the conversion from 2-channel 16-bit integers to
+ 1-channel 8-bit integers.
+*/
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <limits.h>
+
+#include <audiofile.h>
+
+#include "TestUtilities.h"
+
+int main (int argc, char **argv)
+{
+ AFfilehandle file;
+ AFfilesetup setup;
+ int16_t frames16[] = {14298, 392, 3923, -683, 958, -1921};
+ int8_t frames8[] = {28, 6, -2};
+ int i, frameCount = 3;
+ int8_t byte;
+ AFframecount result;
+
+ setup = afNewFileSetup();
+
+ afInitFileFormat(setup, AF_FILE_WAVE);
+
+ afInitSampleFormat(setup, AF_DEFAULT_TRACK, AF_SAMPFMT_TWOSCOMP, 16);
+ afInitChannels(setup, AF_DEFAULT_TRACK, 2);
+
+ char *testFileName;
+ if (!createTemporaryFile("sixteen-to-eight", &testFileName))
+ {
+ fprintf(stderr, "Could not create temporary file.\n");
+ exit(EXIT_FAILURE);
+ }
+
+ file = afOpenFile(testFileName, "w", setup);
+ if (file == AF_NULL_FILEHANDLE)
+ {
+ fprintf(stderr, "could not open file for writing\n");
+ exit(EXIT_FAILURE);
+ }
+
+ afFreeFileSetup(setup);
+
+ afWriteFrames(file, AF_DEFAULT_TRACK, frames16, frameCount);
+
+ afCloseFile(file);
+
+ file = afOpenFile(testFileName, "r", AF_NULL_FILESETUP);
+ if (file == AF_NULL_FILEHANDLE)
+ {
+ fprintf(stderr, "could not open file for reading\n");
+ exit(EXIT_FAILURE);
+ }
+
+ afSetVirtualSampleFormat(file, AF_DEFAULT_TRACK, AF_SAMPFMT_TWOSCOMP, 8);
+ afSetVirtualChannels(file, AF_DEFAULT_TRACK, 1);
+
+ for (i=0; i<frameCount; i++)
+ {
+ /* Read one frame. */
+ result = afReadFrames(file, AF_DEFAULT_TRACK, &byte, 1);
+
+ if (result != 1)
+ break;
+
+ /* Compare the byte read with its precalculated value. */
+ if (memcmp(&byte, &frames8[i], 1) != 0)
+ {
+ printf("error\n");
+ printf("expected %d, got %d\n", frames8[i], byte);
+ exit(EXIT_FAILURE);
+ }
+ else
+ {
+#ifdef DEBUG
+ printf("got what was expected: %d\n", byte);
+#endif
+ }
+ }
+
+ afCloseFile(file);
+ unlink(testFileName);
+ free(testFileName);
+
+ exit(EXIT_SUCCESS);
+}
@@ -0,0 +1,193 @@
From d89a938f48e97b5770509d53c5478c5c3008d6e8 Mon Sep 17 00:00:00 2001
From: Bernd Kuhls <bernd.kuhls@t-online.de>
Date: Sat, 27 May 2017 17:53:33 +0200
Subject: [PATCH 1/1] Fix static linking with libsndfile
libsndfile and audiofile both contain mixXX functions in their alac
code which lead to symbol name clashes when apps like mpd try to
statically link to both audiofile and libsndfile at the same time.
This patch renames these functions to avoid the problem which was
detected by the buildroot autobuilders:
http://autobuild.buildroot.net/results/799/7997ccd698f03885f98d00bd150dc3a578e4b161/
Patch sent upstream: https://github.com/mpruett/audiofile/pull/45
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
---
libaudiofile/alac/ALACEncoder.cpp | 28 ++++++++++++++--------------
libaudiofile/alac/matrix_enc.c | 8 ++++----
libaudiofile/alac/matrixlib.h | 8 ++++----
3 files changed, 22 insertions(+), 22 deletions(-)
diff --git a/libaudiofile/alac/ALACEncoder.cpp b/libaudiofile/alac/ALACEncoder.cpp
index da922c2..3d088cc 100644
--- a/libaudiofile/alac/ALACEncoder.cpp
+++ b/libaudiofile/alac/ALACEncoder.cpp
@@ -332,19 +332,19 @@ int32_t ALACEncoder::EncodeStereo( BitBuffer * bitstream, void * inputBuffer, ui
switch ( mBitDepth )
{
case 16:
- mix16( (int16_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples/dilate, mixBits, mixRes );
+ audiofile_alac_mix16( (int16_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples/dilate, mixBits, mixRes );
break;
case 20:
- mix20( (uint8_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples/dilate, mixBits, mixRes );
+ audiofile_alac_mix20( (uint8_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples/dilate, mixBits, mixRes );
break;
case 24:
// includes extraction of shifted-off bytes
- mix24( (uint8_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples/dilate,
+ audiofile_alac_mix24( (uint8_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples/dilate,
mixBits, mixRes, mShiftBufferUV, bytesShifted );
break;
case 32:
// includes extraction of shifted-off bytes
- mix32( (int32_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples/dilate,
+ audiofile_alac_mix32( (int32_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples/dilate,
mixBits, mixRes, mShiftBufferUV, bytesShifted );
break;
}
@@ -379,19 +379,19 @@ int32_t ALACEncoder::EncodeStereo( BitBuffer * bitstream, void * inputBuffer, ui
switch ( mBitDepth )
{
case 16:
- mix16( (int16_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples, mixBits, mixRes );
+ audiofile_alac_mix16( (int16_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples, mixBits, mixRes );
break;
case 20:
- mix20( (uint8_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples, mixBits, mixRes );
+ audiofile_alac_mix20( (uint8_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples, mixBits, mixRes );
break;
case 24:
// also extracts the shifted off bytes into the shift buffers
- mix24( (uint8_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples,
+ audiofile_alac_mix24( (uint8_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples,
mixBits, mixRes, mShiftBufferUV, bytesShifted );
break;
case 32:
// also extracts the shifted off bytes into the shift buffers
- mix32( (int32_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples,
+ audiofile_alac_mix32( (int32_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples,
mixBits, mixRes, mShiftBufferUV, bytesShifted );
break;
}
@@ -605,19 +605,19 @@ int32_t ALACEncoder::EncodeStereoFast( BitBuffer * bitstream, void * inputBuffer
switch ( mBitDepth )
{
case 16:
- mix16( (int16_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples, mixBits, mixRes );
+ audiofile_alac_mix16( (int16_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples, mixBits, mixRes );
break;
case 20:
- mix20( (uint8_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples, mixBits, mixRes );
+ audiofile_alac_mix20( (uint8_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples, mixBits, mixRes );
break;
case 24:
// also extracts the shifted off bytes into the shift buffers
- mix24( (uint8_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples,
+ audiofile_alac_mix24( (uint8_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples,
mixBits, mixRes, mShiftBufferUV, bytesShifted );
break;
case 32:
// also extracts the shifted off bytes into the shift buffers
- mix32( (int32_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples,
+ audiofile_alac_mix32( (int32_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples,
mixBits, mixRes, mShiftBufferUV, bytesShifted );
break;
}
@@ -756,7 +756,7 @@ int32_t ALACEncoder::EncodeStereoEscape( BitBuffer * bitstream, void * inputBuff
break;
case 20:
// mix20() with mixres param = 0 means de-interleave so use it to simplify things
- mix20( (uint8_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples, 0, 0 );
+ audiofile_alac_mix20( (uint8_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples, 0, 0 );
for ( index = 0; index < numSamples; index++ )
{
BitBufferWrite( bitstream, mMixBufferU[index], 20 );
@@ -765,7 +765,7 @@ int32_t ALACEncoder::EncodeStereoEscape( BitBuffer * bitstream, void * inputBuff
break;
case 24:
// mix24() with mixres param = 0 means de-interleave so use it to simplify things
- mix24( (uint8_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples, 0, 0, mShiftBufferUV, 0 );
+ audiofile_alac_mix24( (uint8_t *) inputBuffer, stride, mMixBufferU, mMixBufferV, numSamples, 0, 0, mShiftBufferUV, 0 );
for ( index = 0; index < numSamples; index++ )
{
BitBufferWrite( bitstream, mMixBufferU[index], 24 );
diff --git a/libaudiofile/alac/matrix_enc.c b/libaudiofile/alac/matrix_enc.c
index e194330..8abd556 100644
--- a/libaudiofile/alac/matrix_enc.c
+++ b/libaudiofile/alac/matrix_enc.c
@@ -57,7 +57,7 @@
// 16-bit routines
-void mix16( int16_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t numSamples, int32_t mixbits, int32_t mixres )
+void audiofile_alac_mix16( int16_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t numSamples, int32_t mixbits, int32_t mixres )
{
int16_t * ip = in;
int32_t j;
@@ -95,7 +95,7 @@ void mix16( int16_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t num
// 20-bit routines
// - the 20 bits of data are left-justified in 3 bytes of storage but right-aligned for input/output predictor buffers
-void mix20( uint8_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t numSamples, int32_t mixbits, int32_t mixres )
+void audiofile_alac_mix20( uint8_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t numSamples, int32_t mixbits, int32_t mixres )
{
int32_t l, r;
uint8_t * ip = in;
@@ -140,7 +140,7 @@ void mix20( uint8_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t num
// 24-bit routines
// - the 24 bits of data are right-justified in the input/output predictor buffers
-void mix24( uint8_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t numSamples,
+void audiofile_alac_mix24( uint8_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t numSamples,
int32_t mixbits, int32_t mixres, uint16_t * shiftUV, int32_t bytesShifted )
{
int32_t l, r;
@@ -240,7 +240,7 @@ void mix24( uint8_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t num
// - otherwise, the calculations might overflow into the 33rd bit and be lost
// - therefore, these routines deal with the specified "unused lower" bytes in the "shift" buffers
-void mix32( int32_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t numSamples,
+void audiofile_alac_mix32( int32_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t numSamples,
int32_t mixbits, int32_t mixres, uint16_t * shiftUV, int32_t bytesShifted )
{
int32_t * ip = in;
diff --git a/libaudiofile/alac/matrixlib.h b/libaudiofile/alac/matrixlib.h
index 0a4f371..5728b6d 100644
--- a/libaudiofile/alac/matrixlib.h
+++ b/libaudiofile/alac/matrixlib.h
@@ -38,17 +38,17 @@ extern "C" {
#endif
// 16-bit routines
-void mix16( int16_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t numSamples, int32_t mixbits, int32_t mixres );
+void audiofile_alac_mix16( int16_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t numSamples, int32_t mixbits, int32_t mixres );
void unmix16( int32_t * u, int32_t * v, int16_t * out, uint32_t stride, int32_t numSamples, int32_t mixbits, int32_t mixres );
// 20-bit routines
-void mix20( uint8_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t numSamples, int32_t mixbits, int32_t mixres );
+void audiofile_alac_mix20( uint8_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t numSamples, int32_t mixbits, int32_t mixres );
void unmix20( int32_t * u, int32_t * v, uint8_t * out, uint32_t stride, int32_t numSamples, int32_t mixbits, int32_t mixres );
// 24-bit routines
// - 24-bit data sometimes compresses better by shifting off the bottom byte so these routines deal with
// the specified "unused lower bytes" in the combined "shift" buffer
-void mix24( uint8_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t numSamples,
+void audiofile_alac_mix24( uint8_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t numSamples,
int32_t mixbits, int32_t mixres, uint16_t * shiftUV, int32_t bytesShifted );
void unmix24( int32_t * u, int32_t * v, uint8_t * out, uint32_t stride, int32_t numSamples,
int32_t mixbits, int32_t mixres, uint16_t * shiftUV, int32_t bytesShifted );
@@ -57,7 +57,7 @@ void unmix24( int32_t * u, int32_t * v, uint8_t * out, uint32_t stride, int32_t
// - note that these really expect the internal data width to be < 32-bit but the arrays are 32-bit
// - otherwise, the calculations might overflow into the 33rd bit and be lost
// - therefore, these routines deal with the specified "unused lower" bytes in the combined "shift" buffer
-void mix32( int32_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t numSamples,
+void audiofile_alac_mix32( int32_t * in, uint32_t stride, int32_t * u, int32_t * v, int32_t numSamples,
int32_t mixbits, int32_t mixres, uint16_t * shiftUV, int32_t bytesShifted );
void unmix32( int32_t * u, int32_t * v, int32_t * out, uint32_t stride, int32_t numSamples,
int32_t mixbits, int32_t mixres, uint16_t * shiftUV, int32_t bytesShifted );
--
2.11.0
+2 -2
View File
@@ -9,7 +9,7 @@ BASH_SITE = $(BR2_GNU_MIRROR)/bash
# Build after since bash is better than busybox shells
BASH_DEPENDENCIES = ncurses readline host-bison \
$(if $(BR2_PACKAGE_BUSYBOX),busybox)
BASH_CONF_OPTS = --with-installed-readline
BASH_CONF_OPTS = --with-installed-readline --without-bash-malloc
BASH_LICENSE = GPLv3+
BASH_LICENSE_FILES = COPYING
@@ -24,7 +24,7 @@ BASH_CONF_ENV += \
# The static build needs some trickery
ifeq ($(BR2_STATIC_LIBS),y)
BASH_CONF_OPTS += --enable-static-link --without-bash-malloc
BASH_CONF_OPTS += --enable-static-link
# bash wants to redefine the getenv() function. To check whether this is
# possible, AC_TRY_RUN is used which is not possible in
# cross-compilation.
@@ -0,0 +1,34 @@
From d3c098c2fde55ddf0c7d56eae56925103d35da73 Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Sat, 13 May 2017 18:56:51 +0200
Subject: [PATCH] test: add missing header
test/attest.c: In function 'at_command':
test/attest.c:43:2: error: unknown type name 'fd_set'
fd_set rfds;
^
Fixes:
http://autobuild.buildroot.net/results/06c/06c930d9c5299b79500d018ac3fb2861ce834c7c/
Signed-off-by: Romain Naour <romain.naour@gmail.com>
---
test/attest.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/test/attest.c b/test/attest.c
index 12ba682..2626cf1 100644
--- a/test/attest.c
+++ b/test/attest.c
@@ -35,6 +35,8 @@
#include <sys/ioctl.h>
#include <sys/socket.h>
+#include <sys/select.h>
+
#include <bluetooth/bluetooth.h>
#include <bluetooth/rfcomm.h>
--
2.9.3
@@ -0,0 +1,107 @@
From d8056252d0c99bfb2482f0a420dcf9a36019ddf8 Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Sat, 13 May 2017 18:58:51 +0200
Subject: [PATCH] test: avoid conflict with encrypt function
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
With a musl based toolchain:
test/l2test.c:110:12: error: encrypt redeclared as different kind of symbol
static int encrypt = 0;
^
In file included from test/l2test.c:34:0:
[...]/sysroot/usr/include/unistd.h:145:6: note: previous declaration of encrypt was here
void encrypt(char *, int);
^
Signed-off-by: Romain Naour <romain.naour@gmail.com>
---
test/l2test.c | 8 ++++----
test/rctest.c | 8 ++++----
2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/test/l2test.c b/test/l2test.c
index f66486d..9ef6faf 100644
--- a/test/l2test.c
+++ b/test/l2test.c
@@ -107,7 +107,7 @@ static char *filename = NULL;
static int rfcmode = 0;
static int master = 0;
static int auth = 0;
-static int encrypt = 0;
+static int _encrypt = 0;
static int secure = 0;
static int socktype = SOCK_SEQPACKET;
static int linger = 0;
@@ -340,7 +340,7 @@ static int do_connect(char *svr)
opt |= L2CAP_LM_MASTER;
if (auth)
opt |= L2CAP_LM_AUTH;
- if (encrypt)
+ if (_encrypt)
opt |= L2CAP_LM_ENCRYPT;
if (secure)
opt |= L2CAP_LM_SECURE;
@@ -475,7 +475,7 @@ static void do_listen(void (*handler)(int sk))
opt |= L2CAP_LM_MASTER;
if (auth)
opt |= L2CAP_LM_AUTH;
- if (encrypt)
+ if (_encrypt)
opt |= L2CAP_LM_ENCRYPT;
if (secure)
opt |= L2CAP_LM_SECURE;
@@ -1407,7 +1407,7 @@ int main(int argc, char *argv[])
break;
case 'E':
- encrypt = 1;
+ _encrypt = 1;
break;
case 'S':
diff --git a/test/rctest.c b/test/rctest.c
index 4d7c90a..7ad5a0b 100644
--- a/test/rctest.c
+++ b/test/rctest.c
@@ -79,7 +79,7 @@ static char *filename = NULL;
static int master = 0;
static int auth = 0;
-static int encrypt = 0;
+static int _encrypt = 0;
static int secure = 0;
static int socktype = SOCK_STREAM;
static int linger = 0;
@@ -200,7 +200,7 @@ static int do_connect(const char *svr)
opt |= RFCOMM_LM_MASTER;
if (auth)
opt |= RFCOMM_LM_AUTH;
- if (encrypt)
+ if (_encrypt)
opt |= RFCOMM_LM_ENCRYPT;
if (secure)
opt |= RFCOMM_LM_SECURE;
@@ -291,7 +291,7 @@ static void do_listen(void (*handler)(int sk))
opt |= RFCOMM_LM_MASTER;
if (auth)
opt |= RFCOMM_LM_AUTH;
- if (encrypt)
+ if (_encrypt)
opt |= RFCOMM_LM_ENCRYPT;
if (secure)
opt |= RFCOMM_LM_SECURE;
@@ -701,7 +701,7 @@ int main(int argc, char *argv[])
break;
case 'E':
- encrypt = 1;
+ _encrypt = 1;
break;
case 'S':
--
2.9.3
+1
View File
@@ -4,6 +4,7 @@ config BR2_PACKAGE_BLUEZ_UTILS
depends on BR2_USE_WCHAR # libglib2
depends on BR2_TOOLCHAIN_HAS_THREADS # dbus, alsa-lib, libglib2
depends on BR2_USE_MMU # dbus, libglib2
select BR2_PACKAGE_CHECK
select BR2_PACKAGE_DBUS
select BR2_PACKAGE_LIBGLIB2
help
+1 -1
View File
@@ -8,7 +8,7 @@ BLUEZ_UTILS_VERSION = 4.101
BLUEZ_UTILS_SOURCE = bluez-$(BLUEZ_UTILS_VERSION).tar.xz
BLUEZ_UTILS_SITE = $(BR2_KERNEL_MIRROR)/linux/bluetooth
BLUEZ_UTILS_INSTALL_STAGING = YES
BLUEZ_UTILS_DEPENDENCIES = dbus libglib2
BLUEZ_UTILS_DEPENDENCIES = host-pkgconf check dbus libglib2
BLUEZ_UTILS_CONF_OPTS = --enable-test --enable-tools
BLUEZ_UTILS_AUTORECONF = YES
BLUEZ_UTILS_LICENSE = GPLv2+, LGPLv2.1+
+4
View File
@@ -11,6 +11,10 @@ CPPCMS_LICENSE_FILES = COPYING.TXT
CPPCMS_SITE = http://downloads.sourceforge.net/project/cppcms/cppcms/$(CPPCMS_VERSION)
CPPCMS_INSTALL_STAGING = YES
# disable rpath to avoid getting /usr/lib added to the link search
# path
CPPCMS_CONF_OPTS = -DCMAKE_SKIP_RPATH=ON
CPPCMS_DEPENDENCIES = zlib pcre libgcrypt
ifeq ($(BR2_PACKAGE_CPPCMS_ICU),y)
+1 -1
View File
@@ -82,7 +82,7 @@ define DBUS_REMOVE_VAR_LIB_DBUS
rm -rf $(TARGET_DIR)/var/lib/dbus
endef
DBUS_POST_BUILD_HOOKS += DBUS_REMOVE_VAR_LIB_DBUS
DBUS_PRE_INSTALL_TARGET_HOOKS += DBUS_REMOVE_VAR_LIB_DBUS
define DBUS_REMOVE_DEVFILES
rm -rf $(TARGET_DIR)/usr/lib/dbus-1.0
+1
View File
@@ -102,6 +102,7 @@ define DHCP_INSTALL_INIT_SYSTEMD
ln -sf ../../../../usr/lib/systemd/system/dhcpd.service \
$(TARGET_DIR)/etc/systemd/system/multi-user.target.wants/dhcpd.service
mkdir -p $(TARGET_DIR)/usr/lib/tmpfiles.d
echo "d /var/lib/dhcp 0755 - - - -" > \
$(TARGET_DIR)/usr/lib/tmpfiles.d/dhcpd.conf
echo "f /var/lib/dhcp/dhcpd.leases - - - - -" >> \
+1 -1
View File
@@ -1,2 +1,2 @@
# From https://matt.ucc.asn.au/dropbear/releases/SHA256SUM.asc
sha256 2720ea54ed009af812701bcc290a2a601d5c107d12993e5d92c0f5f81f718891 dropbear-2016.74.tar.bz2
sha256 6cbc1dcb1c9709d226dff669e5604172a18cf5dbf9a201474d5618ae4465098c dropbear-2017.75.tar.bz2
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
DROPBEAR_VERSION = 2016.74
DROPBEAR_VERSION = 2017.75
DROPBEAR_SITE = http://matt.ucc.asn.au/dropbear/releases
DROPBEAR_SOURCE = dropbear-$(DROPBEAR_VERSION).tar.bz2
DROPBEAR_LICENSE = MIT, BSD-2c-like, BSD-2c
+1
View File
@@ -1,2 +1,3 @@
# locally computed hash
sha256 3f260491e2c62e93cb6347ea6f21aaa5f93152e9e7f0269d314623769d82e473 efibootmgr-14.tar.gz
sha256 8e91f16927d296ffebd4f7fafda2f84c0f6201aba089a35e8090abd5aacdc58e 3466fd05c8c6f1052e0426d64eed40f8a88fd78f.patch
+3
View File
@@ -6,6 +6,9 @@
EFIBOOTMGR_VERSION = 14
EFIBOOTMGR_SITE = $(call github,rhinstaller,efibootmgr,$(EFIBOOTMGR_VERSION))
# Patch fixes the build with gcc 6.x.
EFIBOOTMGR_PATCH = \
https://github.com/rhinstaller/efibootmgr/commit/3466fd05c8c6f1052e0426d64eed40f8a88fd78f.patch
EFIBOOTMGR_LICENSE = GPLv2+
EFIBOOTMGR_LICENSE_FILES = COPYING
EFIBOOTMGR_DEPENDENCIES = efivar $(if $(BR2_NEEDS_GETTEXT),gettext)
+10 -6
View File
@@ -179,12 +179,14 @@ config BR2_PACKAGE_EFL_WAYLAND
depends on BR2_PACKAGE_MESA3D_OPENGL_EGL # Evas DRM Engine
depends on BR2_PACKAGE_EFL_EEZE # efl drm
depends on BR2_PACKAGE_EFL_OPENGLES # OpenGL ES with EGL support only
depends on BR2_ENABLE_LOCALE # efl-drm <- efl-elput <- libinput
select BR2_PACKAGE_EFL_DRM
comment "Wayland support needs udev /dev management (eeze) and OpenGL ES w/ EGL, threads"
comment "Wayland support needs udev /dev management (eeze), OpenGL ES w/ EGL, threads, locales"
depends on BR2_PACKAGE_WAYLAND
depends on !BR2_TOOLCHAIN_HAS_THREADS || !BR2_PACKAGE_MESA3D_OPENGL_EGL \
|| !BR2_PACKAGE_EFL_OPENGLES || !BR2_PACKAGE_EFL_EEZE
|| !BR2_PACKAGE_EFL_OPENGLES || !BR2_PACKAGE_EFL_EEZE \
|| !BR2_ENABLE_LOCALE
choice
bool "OpenGL support"
@@ -216,6 +218,7 @@ endchoice # OpenGL support
config BR2_PACKAGE_EFL_ELPUT
bool "Elput"
depends on BR2_ENABLE_LOCALE # libinput
depends on BR2_PACKAGE_EFL_EEZE
select BR2_PACKAGE_LIBINPUT
select BR2_PACKAGE_LIBXKBCOMMON
@@ -225,23 +228,24 @@ config BR2_PACKAGE_EFL_ELPUT
ecore_drm, etc) to handle interfacing with libinput without
having to duplicate the code in each subsystem.
comment "Elput support needs udev /dev management (eeze)"
depends on !BR2_PACKAGE_EFL_EEZE
comment "Elput support needs udev /dev management (eeze), locales"
depends on !BR2_PACKAGE_EFL_EEZE || !BR2_ENABLE_LOCALE
config BR2_PACKAGE_EFL_DRM
bool "Evas DRM Engine"
depends on BR2_PACKAGE_EFL_EEZE
depends on BR2_TOOLCHAIN_HAS_THREADS # libdrm
depends on BR2_PACKAGE_MESA3D_OPENGL_EGL # require libgbm from mesa3d
depends on BR2_ENABLE_LOCALE # efl-elput <- libinput
select BR2_PACKAGE_EFL_ELPUT
select BR2_PACKAGE_LIBDRM
select BR2_PACKAGE_LIBXKBCOMMON
help
This option enable building support for the Evas DRM Engine.
comment "Evas DRM Engine needs udev /dev management (eeze) and mesa3d w/ EGL support, threads"
comment "Evas DRM Engine needs udev /dev management (eeze), mesa3d w/ EGL support, threads, locales"
depends on !BR2_TOOLCHAIN_HAS_THREADS || !BR2_PACKAGE_MESA3D_OPENGL_EGL \
|| !BR2_PACKAGE_EFL_EEZE
|| !BR2_PACKAGE_EFL_EEZE || !BR2_ENABLE_LOCALE
comment "libevas loaders"
+32 -20
View File
@@ -1,4 +1,7 @@
Add a --{enable,disable}-progs configure option
From dfea82b761b2ea4708fbf9370a5467ae4be525ca Mon Sep 17 00:00:00 2001
From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Date: Mon, 29 May 2017 23:03:48 +0300
Subject: [PATCH] Add a --{enable,disable}-progs configure option
Add a --{enable,disable}-progs configuration option to elfutils. This
allows to selectively disable the compilation of the elfutils programs
@@ -13,26 +16,15 @@ Based on the former patch by Thomas Petazzoni.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
---
Makefile.am | 6 +++++-
configure.ac | 6 ++++++
2 files changed, 11 insertions(+), 1 deletion(-)
diff -rup a/configure.ac b/configure.ac
--- a/configure.ac 2016-03-31 09:48:08.000000000 +0100
+++ b/configure.ac 2016-06-17 14:47:03.561704498 +0100
@@ -253,6 +253,12 @@ AC_SUBST([LIBEBL_SUBDIR])
AC_DEFINE_UNQUOTED(LIBEBL_SUBDIR, "$LIBEBL_SUBDIR")
AH_TEMPLATE([LIBEBL_SUBDIR], [$libdir subdirectory containing libebl modules.])
+AC_ARG_ENABLE([progs],
+ AS_HELP_STRING([--enable-progs], [enable progs]),
+ enable_progs=$enableval,
+ enable_progs=yes)
+AM_CONDITIONAL(ENABLE_PROGS, test "$enable_progs" = yes)
+
dnl zlib is mandatory.
save_LIBS="$LIBS"
LIBS=
diff -rup a/Makefile.am b/Makefile.am
--- a/Makefile.am 2016-01-12 12:49:19.000000000 +0000
+++ b/Makefile.am 2016-06-17 14:48:02.585861468 +0100
diff --git a/Makefile.am b/Makefile.am
index 2ff444e7bf1d..70443abb4fb6 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -26,9 +26,13 @@ AM_MAKEFLAGS = --no-print-directory
pkginclude_HEADERS = version.h
@@ -48,3 +40,23 @@ diff -rup a/Makefile.am b/Makefile.am
EXTRA_DIST = elfutils.spec GPG-KEY NOTES CONTRIBUTING \
COPYING COPYING-GPLV2 COPYING-LGPLV3
diff --git a/configure.ac b/configure.ac
index c2c1d90b2133..7b4c38381cca 100644
--- a/configure.ac
+++ b/configure.ac
@@ -259,6 +259,12 @@ AC_SUBST([LIBEBL_SUBDIR])
AC_DEFINE_UNQUOTED(LIBEBL_SUBDIR, "$LIBEBL_SUBDIR")
AH_TEMPLATE([LIBEBL_SUBDIR], [$libdir subdirectory containing libebl modules.])
+AC_ARG_ENABLE([progs],
+ AS_HELP_STRING([--enable-progs], [enable progs]),
+ enable_progs=$enableval,
+ enable_progs=yes)
+AM_CONDITIONAL(ENABLE_PROGS, test "$enable_progs" = yes)
+
dnl zlib is mandatory.
save_LIBS="$LIBS"
LIBS=
--
2.11.0
+58 -33
View File
@@ -1,4 +1,7 @@
Add an implementation of the fts_*() functions
From 098760f7eac1fb86b3f6871d5bb10f9f44468f2d Mon Sep 17 00:00:00 2001
From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Date: Mon, 29 May 2017 23:08:05 +0300
Subject: [PATCH] Add an implementation of the fts_*() functions
The fts_*() functions are optional in uClibc, and not compiled in our
default configuration. The best option would be to migrate this
@@ -28,11 +31,21 @@ Based on the former patch by Thomas Petazzoni.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
---
configure.ac | 4 +
libdwfl/Makefile.am | 3 +
libdwfl/fts.c | 1095 ++++++++++++++++++++++++++++++++++++++++
libdwfl/fts_.h | 131 +++++
libdwfl/linux-kernel-modules.c | 4 +
5 files changed, 1237 insertions(+)
create mode 100644 libdwfl/fts.c
create mode 100644 libdwfl/fts_.h
diff -Nrup a/configure.ac b/configure.ac
--- a/configure.ac 2016-06-17 14:47:03.561704498 +0100
+++ b/configure.ac 2016-06-17 14:52:35.038200412 +0100
@@ -259,6 +259,10 @@ AC_ARG_ENABLE([progs],
diff --git a/configure.ac b/configure.ac
index 7b4c38381cca..bcebb05fa532 100644
--- a/configure.ac
+++ b/configure.ac
@@ -265,6 +265,10 @@ AC_ARG_ENABLE([progs],
enable_progs=yes)
AM_CONDITIONAL(ENABLE_PROGS, test "$enable_progs" = yes)
@@ -43,9 +56,25 @@ diff -Nrup a/configure.ac b/configure.ac
dnl zlib is mandatory.
save_LIBS="$LIBS"
LIBS=
diff -Nrup a/libdwfl/fts.c b/libdwfl/fts.c
--- a/libdwfl/fts.c 1970-01-01 01:00:00.000000000 +0100
+++ b/libdwfl/fts.c 2016-06-17 14:57:26.649912084 +0100
diff --git a/libdwfl/Makefile.am b/libdwfl/Makefile.am
index 89ca92ed8110..a5a5615c5f94 100644
--- a/libdwfl/Makefile.am
+++ b/libdwfl/Makefile.am
@@ -77,6 +77,9 @@ endif
if LZMA
libdwfl_a_SOURCES += lzma.c
endif
+if !HAVE_FTS
+libdwfl_a_SOURCES += fts.c
+endif
libdwfl = $(libdw)
libdw = ../libdw/libdw.so
diff --git a/libdwfl/fts.c b/libdwfl/fts.c
new file mode 100644
index 000000000000..f34cc03bd963
--- /dev/null
+++ b/libdwfl/fts.c
@@ -0,0 +1,1095 @@
+/*-
+ * Copyright (c) 1990, 1993, 1994
@@ -1142,9 +1171,11 @@ diff -Nrup a/libdwfl/fts.c b/libdwfl/fts.c
+ errno = oerrno;
+ return (ret);
+}
diff -Nrup a/libdwfl/fts_.h b/libdwfl/fts_.h
--- a/libdwfl/fts_.h 1970-01-01 01:00:00.000000000 +0100
+++ b/libdwfl/fts_.h 2016-06-17 14:58:42.003387566 +0100
diff --git a/libdwfl/fts_.h b/libdwfl/fts_.h
new file mode 100644
index 000000000000..0a070ba8dce5
--- /dev/null
+++ b/libdwfl/fts_.h
@@ -0,0 +1,131 @@
+/*
+ * Copyright (c) 1989, 1993
@@ -1277,31 +1308,25 @@ diff -Nrup a/libdwfl/fts_.h b/libdwfl/fts_.h
+__END_DECLS
+
+#endif /* fts.h */
diff -Nrup a/libdwfl/linux-kernel-modules.c b/libdwfl/linux-kernel-modules.c
--- a/libdwfl/linux-kernel-modules.c 2016-03-02 16:25:38.000000000 +0000
+++ b/libdwfl/linux-kernel-modules.c 2016-06-17 14:59:50.267724089 +0100
@@ -29,7 +29,11 @@
/* We include this before config.h because it can't handle _FILE_OFFSET_BITS.
Everything we need here is fine if its declarations just come first. */
diff --git a/libdwfl/linux-kernel-modules.c b/libdwfl/linux-kernel-modules.c
index 9d0fef2cf260..47f0e3892294 100644
--- a/libdwfl/linux-kernel-modules.c
+++ b/libdwfl/linux-kernel-modules.c
@@ -31,10 +31,14 @@
Everything we need here is fine if its declarations just come first.
Also, include sys/types.h before fts. On some systems fts.h is not self
contained. */
+#ifdef HAVE_FTS_H
#include <fts.h>
#ifdef BAD_FTS
#include <sys/types.h>
#include <fts.h>
#endif
+#else
+#include <fts_.h>
+#endif
#include <config.h>
diff -Nrup a/libdwfl/Makefile.am b/libdwfl/Makefile.am
--- a/libdwfl/Makefile.am 2016-01-12 12:49:19.000000000 +0000
+++ b/libdwfl/Makefile.am 2016-06-17 15:01:03.492157569 +0100
@@ -77,6 +77,9 @@ endif
if LZMA
libdwfl_a_SOURCES += lzma.c
endif
+if !HAVE_FTS
+libdwfl_a_SOURCES += fts.c
+endif
libdwfl = $(libdw)
libdw = ../libdw/libdw.so
#include <system.h>
--
2.11.0
@@ -1,4 +1,7 @@
Really make -Werror conditional to BUILD_WERROR
From 1d8f27d73df6369b19ddd6732960df0d4fdec338 Mon Sep 17 00:00:00 2001
From: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Date: Mon, 29 May 2017 23:24:42 +0300
Subject: [PATCH] Really make -Werror conditional to BUILD_WERROR
Otherwise it will fail with an error message like this one:
@@ -12,15 +15,22 @@ cc1: all warnings being treated as errors
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
---
config/eu.am | 1 -
1 file changed, 1 deletion(-)
diff -rup a/config/eu.am b/config/eu.am
--- a/config/eu.am 2016-03-02 16:25:38.000000000 +0000
+++ b/config/eu.am 2016-06-17 15:05:08.270974835 +0100
@@ -65,7 +65,6 @@ AM_CFLAGS = -std=gnu99 -Wall -Wshadow -W
diff --git a/config/eu.am b/config/eu.am
index 8fe1e259f9e2..c5a6209a4e04 100644
--- a/config/eu.am
+++ b/config/eu.am
@@ -71,7 +71,6 @@ AM_CFLAGS = -std=gnu99 -Wall -Wshadow -Wformat=2 \
-Wold-style-definition -Wstrict-prototypes \
$(LOGICAL_OP_WARNING) $(DUPLICATED_COND_WARNING) \
$(NULL_DEREFERENCE_WARNING) \
$(NULL_DEREFERENCE_WARNING) $(IMPLICIT_FALLTHROUGH_WARNING) \
- $(if $($(*F)_no_Werror),,-Werror) \
$(if $($(*F)_no_Wunused),,-Wunused -Wextra) \
$(if $($(*F)_no_Wstack_usage),,$(STACK_USAGE_WARNING)) \
$($(*F)_CFLAGS)
--
2.11.0
+2 -2
View File
@@ -1,2 +1,2 @@
# Locally calculated
sha256 3c056914c8a438b210be0d790463b960fc79d234c3f05ce707cbff80e94cba30 elfutils-0.166.tar.bz2
# From https://sourceware.org/elfutils/ftp/0.169/sha512.sum
sha512 0a81a20bb2aff533d035d6b76f1403437b2e11bce390db57e34b8c26e4b9b3150346d83dddcbfbbdc58063f046ca3223508dba35c6ce88e375d201e7a777a8b9 elfutils-0.169.tar.bz2
+1 -3
View File
@@ -4,7 +4,7 @@
#
################################################################################
ELFUTILS_VERSION = 0.166
ELFUTILS_VERSION = 0.169
ELFUTILS_SOURCE = elfutils-$(ELFUTILS_VERSION).tar.bz2
ELFUTILS_SITE = https://sourceware.org/elfutils/ftp/$(ELFUTILS_VERSION)
ELFUTILS_INSTALL_STAGING = YES
@@ -20,11 +20,9 @@ HOST_ELFUTILS_AUTORECONF = YES
# Pass a custom program prefix to avoid a naming conflict between
# elfutils binaries and binutils binaries.
ELFUTILS_CONF_OPTS += \
--disable-werror \
--program-prefix="eu-"
HOST_ELFUTILS_CONF_OPTS = \
--disable-werror \
--with-bzlib \
--with-lzma \
--disable-progs
@@ -0,0 +1,32 @@
From e85a157b51b1276c91c736d8624d9f3e876e9189 Mon Sep 17 00:00:00 2001
From: Andreas Rammhold <andreas@rammhold.de>
Date: Tue, 20 Dec 2016 19:25:32 +0100
Subject: [PATCH] Disable the non-null compare warning/error.
We rely on the provided local library definitions for the hooked
functions which in some cases (GCC >6) carry a non-null-attribute flag
which causes compile errors on `!= NULL` checks.
[Romain: rebase on 0.9.6]
(cherry picked from commit 47e958b753fc15098a2b7d0e9ef26b83ee255874)
Signed-off-by: Romain Naour <romain.naour@gmail.com>
---
src/Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Makefile b/src/Makefile
index 51634b0..bbbd476 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -67,7 +67,7 @@ INSTALL ?= install
PREFIX ?= /usr/local
LIBDIRNAME ?= /lib/faketime
-CFLAGS += -std=gnu99 -Wall -Wextra -Werror -DFAKE_STAT -DFAKE_SLEEP -DFAKE_TIMERS -DFAKE_INTERNAL_CALLS -fPIC -DPREFIX='"'$(PREFIX)'"' -DLIBDIRNAME='"'$(LIBDIRNAME)'"'
+CFLAGS += -std=gnu99 -Wall -Wextra -Werror -Wno-nonnull-compare -DFAKE_STAT -DFAKE_SLEEP -DFAKE_TIMERS -DFAKE_INTERNAL_CALLS -fPIC -DPREFIX='"'$(PREFIX)'"' -DLIBDIRNAME='"'$(LIBDIRNAME)'"'
LIB_LDFLAGS += -shared
LDFLAGS += -Wl,--version-script=libfaketime.map -lpthread
LDADD += -ldl -lm -lrt
--
2.9.3
+1 -1
View File
@@ -11,7 +11,7 @@ FBGRAB_LICENSE = GPLv2
FBGRAB_LICENSE_FILES = COPYING
define FBGRAB_BUILD_CMDS
$(TARGET_CONFIGURE_OPTS) $(MAKE) -C $(@D)
$(TARGET_CONFIGURE_OPTS) $(MAKE) -C $(@D) fbgrab
endef
define FBGRAB_INSTALL_TARGET_CMDS
-27
View File
@@ -1,27 +0,0 @@
hwaccess: sys/io.h is not specific to glibc
Under Linux, sys/io.h provides inb and outb, so we really need it.
However, its inclusion is conditional to the _GLIBC_ define. This is
usually OK under Linux, since both glibc and uClibc define it (uclibc
fakes being glibc).
But the musl C library does not impersonate glibc, so we're missing
including sys/io.h in this case.
Change the include from checking _GLIBC_ to checking whether this is
Linux, looking for the __linux__ define.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
diff -durN flashrom-0.9.8.orig/hwaccess.h flashrom-0.9.8/hwaccess.h
--- flashrom-0.9.8.orig/hwaccess.h 2015-02-10 09:03:10.000000000 +0100
+++ flashrom-0.9.8/hwaccess.h 2015-10-28 20:01:54.259202484 +0100
@@ -27,7 +27,7 @@
#include "platform.h"
#if IS_X86
-#if defined(__GLIBC__)
+#if defined(__linux__)
#include <sys/io.h>
#endif
#endif
+1 -1
View File
@@ -1,2 +1,2 @@
# Locally computed
sha256 13dc7c895e583111ecca370363a3527d237d178a134a94b20db7df177c05f934 flashrom-0.9.8.tar.bz2
sha256 cb3156b0f63eb192024b76c0814135930297aac41f80761a5d293de769783c45 flashrom-0.9.9.tar.bz2
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
FLASHROM_VERSION = 0.9.8
FLASHROM_VERSION = 0.9.9
FLASHROM_SOURCE = flashrom-$(FLASHROM_VERSION).tar.bz2
FLASHROM_SITE = http://download.flashrom.org/releases
FLASHROM_DEPENDENCIES = pciutils libusb libusb-compat libftdi host-pkgconf
+1 -1
View File
@@ -5,4 +5,4 @@ config BR2_PACKAGE_FTOP
Ftop is to files what top is to processes.
The progress of all open files and file systems can be monitored.
https://code.google.com/p/ftop/
https://sourceforge.net/projects/ftop/
+5 -2
View File
@@ -1,2 +1,5 @@
# From https://code.google.com/p/ftop/downloads/detail?name=ftop-1.0.tar.gz&can=2&q=
sha1 a0523862dd63ed3bec14846b6e05afcfdebb15c2 ftop-1.0.tar.gz
# From https://sourceforge.net/projects/ftop/files/ftop/1.0/
md5 57c68b6e7431f4219d9eddaebcb395da ftop-1.0.tar.bz2
sha1 d3ef1b74825f50c7c442d299b29d23c2478f199b ftop-1.0.tar.bz2
# Locally computed
sha256 3a705f4f291384344cd32c3dd5f5f6a7cd7cea7624c83cb7e923966dbcd47f82 ftop-1.0.tar.bz2
+2 -1
View File
@@ -5,7 +5,8 @@
################################################################################
FTOP_VERSION = 1.0
FTOP_SITE = http://ftop.googlecode.com/files
FTOP_SOURCE = ftop-$(FTOP_VERSION).tar.bz2
FTOP_SITE = https://sourceforge.net/projects/ftop/files/ftop/$(FTOP_VERSION)
FTOP_DEPENDENCIES = ncurses
FTOP_LICENSE = GPLv3+
FTOP_LICENSE_FILES = COPYING
+5 -3
View File
@@ -84,9 +84,11 @@ GDB_CONF_ENV = \
# not when cross-compiling with uClibc or musl as C libraries. So use
# gl_cv_func_gettimeofday_clobber=no to not use rpl_gettimeofday,
# assuming musl and uClibc have a properly working gettimeofday
# implementation. It needs to be passed to GDB_MAKE_ENV and not
# GDB_CONF_ENV, because otherwise it does not get passed to the
# configure script of nested packages.
# implementation. It needs to be passed to GDB_CONF_ENV to build
# gdbserver only but also to GDB_MAKE_ENV, because otherwise it does
# not get passed to the configure script of nested packages while
# building gdbserver with full debugger.
GDB_CONF_ENV += gl_cv_func_gettimeofday_clobber=no
GDB_MAKE_ENV = gl_cv_func_gettimeofday_clobber=no
# The shared only build is not supported by gdb, so enable static build for
+1 -1
View File
@@ -1,2 +1,2 @@
# From: https://www.kernel.org/pub/software/scm/git/sha256sums.asc
sha256 c0a779cae325d48a1d5ba08b6ee1febcc31d0657a6da01fd1dec1c6e10976415 git-2.11.1.tar.xz
sha256 016124c54ce2db7a4c2bd26b0de21fbf8f6bcaee04842aa221c7243141df4e42 git-2.12.3.tar.xz
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
GIT_VERSION = 2.11.1
GIT_VERSION = 2.12.3
GIT_SOURCE = git-$(GIT_VERSION).tar.xz
GIT_SITE = https://www.kernel.org/pub/software/scm/git
GIT_LICENSE = GPLv2, LGPLv2.1+
+2 -2
View File
@@ -23,14 +23,14 @@ define HOST_GOOGLE_BREAKPAD_LSS
$(HOST_DIR)/usr/include/linux_syscall_support.h \
$(@D)/src/third_party/lss/linux_syscall_support.h
endef
HOST_GOOGLE_BREAKPAD_POST_EXTRACT_HOOKS += HOST_GOOGLE_BREAKPAD_LSS
HOST_GOOGLE_BREAKPAD_PRE_CONFIGURE_HOOKS += HOST_GOOGLE_BREAKPAD_LSS
define GOOGLE_BREAKPAD_LSS
$(INSTALL) -D -m 0644 \
$(STAGING_DIR)/usr/include/linux_syscall_support.h \
$(@D)/src/third_party/lss/linux_syscall_support.h
endef
GOOGLE_BREAKPAD_POST_EXTRACT_HOOKS += GOOGLE_BREAKPAD_LSS
GOOGLE_BREAKPAD_PRE_CONFIGURE_HOOKS += GOOGLE_BREAKPAD_LSS
define GOOGLE_BREAKPAD_EXTRACT_SYMBOLS
$(EXTRA_ENV) package/google-breakpad/gen-syms.sh $(STAGING_DIR) \
@@ -0,0 +1,41 @@
From 777cb3737ae85b13642fff48eabb601c4d40f527 Mon Sep 17 00:00:00 2001
From: James Knight <james.d.knight@live.com>
Date: Tue, 16 Feb 2016 23:51:08 -0500
Subject: [PATCH] do not interact with systemctl when cross-compiling
The installation process for GPSd on a systemd environment will attempt
to reload systemd's manager configuration (systemctl daemon-reload).
This is to allow the system to take advantage of the newly installed
GPSd services. When cross-compiling, the installation process should not
attempt to interact with the build environment's systemd instance (if
any). The following change checks if the build is not cross compiling
(via 'not env["sysroot"]') before attempting to do a systemd reload.
Signed-off-by: James Knight <james.d.knight@live.com>
[yann.morin.1998@free.fr: tweak to apply on 3.16]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
---
SConstruct | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/SConstruct b/SConstruct
index c3bfd0d1..97c1b3a9 100644
--- a/SConstruct
+++ b/SConstruct
@@ -1909,10 +1909,12 @@ udev_install = Utility('udev-install', 'install', [
] + hotplug_wrapper_install)
if env['systemd']:
+ env.Requires(udev_install, systemd_install)
+
+if env['systemd'] and not env["sysroot"]:
systemctl_daemon_reload = Utility('systemctl-daemon-reload', '', [ 'systemctl daemon-reload || true'])
env.AlwaysBuild(systemctl_daemon_reload)
env.Precious(systemctl_daemon_reload)
- env.Requires(udev_install, systemd_install)
env.Requires(systemctl_daemon_reload, systemd_install)
env.Requires(udev_install, systemctl_daemon_reload)
--
2.11.0
+1 -1
View File
@@ -10,7 +10,7 @@ HANS_LICENSE = GPLv3+
HANS_LICENSE_FILES = LICENSE
define HANS_BUILD_CMDS
$(TARGET_MAKE_ENV) $(MAKE) GCC="$(TARGET_CC)" GPP="$(TARGET_CXX)" -C $(@D)
$(TARGET_MAKE_ENV) $(MAKE1) GCC="$(TARGET_CC)" GPP="$(TARGET_CXX)" -C $(@D)
endef
define HANS_INSTALL_TARGET_CMDS
@@ -0,0 +1,35 @@
From 022ae220d6e7b5bd064bc8698c271dca4dac7d8c Mon Sep 17 00:00:00 2001
From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Date: Mon, 8 May 2017 22:27:25 +0200
Subject: [PATCH] x86/hyperv_clock: be explicit about mul instruction data size
With gcc 4.7.2, the build fails with:
x86/hyperv_clock.c: Assembler messages:
x86/hyperv_clock.c:21: Error: no instruction mnemonic suffix given and no register operands; can't size instruction
In order to avoid this, make the mul instruction data size explicit by
adding the appropriate suffix. It operates on 64-bit data, so use
"mulq".
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
---
x86/hyperv_clock.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/x86/hyperv_clock.c b/x86/hyperv_clock.c
index 8b1deba..6c4dd56 100644
--- a/x86/hyperv_clock.c
+++ b/x86/hyperv_clock.c
@@ -19,7 +19,7 @@ static inline u64 scale_delta(u64 delta, u64 mul_frac)
u64 product, unused;
__asm__ (
- "mul %3"
+ "mulq %3"
: "=d" (product), "=a" (unused) : "1" (delta), "rm" ((u64)mul_frac) );
return product;
--
2.7.4
+3 -2
View File
@@ -3,6 +3,7 @@ config BR2_PACKAGE_KYUA
depends on BR2_INSTALL_LIBSTDCPP
depends on BR2_PACKAGE_HAS_LUAINTERPRETER # lutok
depends on !BR2_PACKAGE_LUAJIT # lutok
depends on !BR2_STATIC_LIBS # lutok
depends on BR2_USE_MMU # atf
select BR2_PACKAGE_ATF
select BR2_PACKAGE_LUTOK
@@ -16,7 +17,7 @@ config BR2_PACKAGE_KYUA
https://github.com/jmmv/kyua
comment "kyua needs a toolchain w/ C++ and full Lua"
depends on !BR2_INSTALL_LIBSTDCPP || BR2_PACKAGE_LUAJIT
comment "kyua needs a toolchain w/ C++, dynamic library and full Lua"
depends on !BR2_INSTALL_LIBSTDCPP || BR2_PACKAGE_LUAJIT || BR2_STATIC_LIBS
depends on BR2_PACKAGE_HAS_LUAINTERPRETER
depends on BR2_USE_MMU
+1 -1
View File
@@ -5,7 +5,7 @@
################################################################################
LIBEV_VERSION = 4.22
LIBEV_SITE = http://dist.schmorp.de/libev
LIBEV_SITE = http://dist.schmorp.de/libev/Attic
LIBEV_INSTALL_STAGING = YES
LIBEV_LICENSE = BSD-2c or GPLv2+
LIBEV_LICENSE_FILES = LICENSE
+1 -1
View File
@@ -1,2 +1,2 @@
# Locally calculated
sha256 54797f6e763d417627f89f60e4ae0a431dab0523f92f83def23ea02d0defafea libmicrohttpd-0.9.52.tar.gz
sha256 0c1cab8dc9f2588bd3076a28f77a7f8de9560cbf2d80e53f9a8696ada80ed0f8 libmicrohttpd-0.9.55.tar.gz
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
LIBMICROHTTPD_VERSION = 0.9.52
LIBMICROHTTPD_VERSION = 0.9.55
LIBMICROHTTPD_SITE = $(BR2_GNU_MIRROR)/libmicrohttpd
LIBMICROHTTPD_LICENSE_FILES = COPYING
LIBMICROHTTPD_INSTALL_STAGING = YES
@@ -0,0 +1,59 @@
From f0f1f4b22d6a98536377a1bb07e7c20e4703d229 Mon Sep 17 00:00:00 2001
From: Thomas Bernard <miniupnp@free.fr>
Date: Tue, 9 May 2017 12:00:47 +0200
Subject: [PATCH] miniupnpc: Fix CVE-2017-8798
Thanks to tin/Team OSTStrom
[Peter: drop Changelog.txt modification, convert to -p1 format]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
miniupnpc/miniwget.c | 12 +++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/miniwget.c b/miniwget.c
index 37cb47b7..1eda57c5 100644
--- a/miniwget.c
+++ b/miniwget.c
@@ -284,11 +284,12 @@ getHTTPResponse(int s, int * size, int * status_code)
goto end_of_stream;
}
}
- bytestocopy = ((int)chunksize < (n - i))?chunksize:(unsigned int)(n - i);
+ /* it is guaranteed that (n >= i) */
+ bytestocopy = (chunksize < (unsigned int)(n - i))?chunksize:(unsigned int)(n - i);
if((content_buf_used + bytestocopy) > content_buf_len)
{
char * tmp;
- if(content_length >= (int)(content_buf_used + bytestocopy)) {
+ if((content_length >= 0) && ((unsigned int)content_length >= (content_buf_used + bytestocopy))) {
content_buf_len = content_length;
} else {
content_buf_len = content_buf_used + bytestocopy;
@@ -313,14 +314,15 @@ getHTTPResponse(int s, int * size, int * status_code)
{
/* not chunked */
if(content_length > 0
- && (int)(content_buf_used + n) > content_length) {
+ && (content_buf_used + n) > (unsigned int)content_length) {
/* skipping additional bytes */
n = content_length - content_buf_used;
}
if(content_buf_used + n > content_buf_len)
{
char * tmp;
- if(content_length >= (int)(content_buf_used + n)) {
+ if(content_length >= 0
+ && (unsigned int)content_length >= (content_buf_used + n)) {
content_buf_len = content_length;
} else {
content_buf_len = content_buf_used + n;
@@ -340,7 +342,7 @@ getHTTPResponse(int s, int * size, int * status_code)
}
}
/* use the Content-Length header value if available */
- if(content_length > 0 && (int)content_buf_used >= content_length)
+ if(content_length > 0 && content_buf_used >= (unsigned int)content_length)
{
#ifdef DEBUG
printf("End of HTTP content\n");
@@ -1,28 +0,0 @@
From dd091c8af163213e12aa92f61bc4916e0f102633 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Tue, 26 Jul 2016 08:45:33 +0200
Subject: [PATCH] configure: don't add -Werror to build flags
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
Patch status: upstream
configure.ac | 2 --
1 file changed, 2 deletions(-)
diff --git a/configure.ac b/configure.ac
index 7a14e04..066f5fe 100644
--- a/configure.ac
+++ b/configure.ac
@@ -70,8 +70,6 @@ AC_ARG_ENABLE([gcc-warnings],
)
if test "$gl_gcc_warnings" = yes; then
- gl_WARN_ADD([-Werror], [WERROR_CFLAGS])
-
nw="$nw -Wsystem-headers" # Don't let system headers trigger warnings
nw="$nw -Wc++-compat" # We don't care strongly about C++ compilers
nw="$nw -Wtraditional" # Warns on #elif which we use often
--
2.7.3
+1 -1
View File
@@ -1,2 +1,2 @@
# Locally calculated after checking pgp signature
sha256 4f6f7a8fd691ac2b8307c8ca365bad711db607d4ad5966f6938a9d2ecd65c920 libtasn1-4.9.tar.gz
sha256 6753da2e621257f33f5b051cc114d417e5206a0818fe0b1ecfd6153f70934753 libtasn1-4.12.tar.gz
+1 -3
View File
@@ -4,7 +4,7 @@
#
################################################################################
LIBTASN1_VERSION = 4.9
LIBTASN1_VERSION = 4.12
LIBTASN1_SITE = $(BR2_GNU_MIRROR)/libtasn1
LIBTASN1_DEPENDENCIES = host-bison
LIBTASN1_LICENSE = GPLv3+ (tests, tools), LGPLv2.1+ (library)
@@ -12,7 +12,5 @@ LIBTASN1_LICENSE_FILES = COPYING COPYING.LIB
LIBTASN1_INSTALL_STAGING = YES
# 'missing' fallback logic botched so disable it completely
LIBTASN1_CONF_ENV = MAKEINFO="true"
# For 0001-configure-don-t-add-Werror-to-build-flags.patch
LIBTASN1_AUTORECONF = YES
$(eval $(autotools-package))
+1 -1
View File
@@ -13,7 +13,7 @@ LIBUBOX_DEPENDENCIES = $(if $(BR2_PACKAGE_JSON_C),json-c)
ifeq ($(BR2_USE_MMU)$(BR2_PACKAGE_LUA_5_1),yy)
LIBUBOX_DEPENDENCIES += lua
LIBUBOX_CONF_OPTS += -DBUILD_LUA=ON \
-DLUAPATH=$(STAGING_DIR)/usr/lib/lua/5.1 \
-DLUAPATH=/usr/lib/lua/5.1 \
-DLUA_CFLAGS=-I$(STAGING_DIR)/usr/include
else
LIBUBOX_CONF_OPTS += -DBUILD_LUA=OFF
+5 -5
View File
@@ -217,12 +217,12 @@ config BR2_DEFAULT_KERNEL_HEADERS
default "3.2.88" if BR2_KERNEL_HEADERS_3_2
default "3.4.113" if BR2_KERNEL_HEADERS_3_4
default "3.10.105" if BR2_KERNEL_HEADERS_3_10
default "3.12.73" if BR2_KERNEL_HEADERS_3_12
default "3.18.51" if BR2_KERNEL_HEADERS_3_18
default "3.12.74" if BR2_KERNEL_HEADERS_3_12
default "3.18.55" if BR2_KERNEL_HEADERS_3_18
default "3.19.8" if BR2_KERNEL_HEADERS_3_19
default "4.0.9" if BR2_KERNEL_HEADERS_4_0
default "4.1.39" if BR2_KERNEL_HEADERS_4_1
default "4.4.65" if BR2_KERNEL_HEADERS_4_4
default "4.1.40" if BR2_KERNEL_HEADERS_4_1
default "4.4.70" if BR2_KERNEL_HEADERS_4_4
default "4.8.17" if BR2_KERNEL_HEADERS_4_8
default "4.9.25" if BR2_KERNEL_HEADERS_4_9
default "4.9.30" if BR2_KERNEL_HEADERS_4_9
default BR2_DEFAULT_KERNEL_VERSION if BR2_KERNEL_HEADERS_VERSION
+3 -3
View File
@@ -5,7 +5,7 @@ comment "ltp-testsuite needs specific uClibc options, see help"
config BR2_PACKAGE_LTP_TESTSUITE
bool "ltp-testsuite"
depends on BR2_USE_MMU # fork()
depends on BR2_TOOLCHAIN_HAS_THREADS
depends on BR2_TOOLCHAIN_HAS_THREADS_NPTL
depends on !BR2_TOOLCHAIN_USES_MUSL
select BR2_PACKAGE_LIBTIRPC if !BR2_TOOLCHAIN_HAS_NATIVE_RPC
# does not build, cachectl.h issue
@@ -22,7 +22,7 @@ config BR2_PACKAGE_LTP_TESTSUITE
http://linux-test-project.github.io
comment "ltp-testsuite needs a glibc or uClibc toolchain w/ threads"
comment "ltp-testsuite needs a glibc or uClibc toolchain w/ NPTL"
depends on !BR2_nios2
depends on BR2_USE_MMU
depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_TOOLCHAIN_USES_MUSL
depends on !BR2_TOOLCHAIN_HAS_THREADS_NPTL || BR2_TOOLCHAIN_USES_MUSL
+1
View File
@@ -70,6 +70,7 @@ define LUA_BUILD_CMDS
CC="$(TARGET_CC)" RANLIB="$(TARGET_RANLIB)" \
CFLAGS="$(TARGET_CFLAGS) $(LUA_CFLAGS)" \
MYLIBS="$(LUA_MYLIBS)" AR="$(TARGET_CROSS)ar rcu" \
MYLDFLAGS="$(TARGET_LDFLAGS)" \
BUILDMODE=$(LUA_BUILDMODE) \
PKG_VERSION=$(LUA_VERSION) -C $(@D)/src all
endef
@@ -0,0 +1,109 @@
From ce661985c098635965573aac8fc983a72f60d396 Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Tue, 30 May 2017 16:42:34 +0200
Subject: [PATCH] buildroot-libtool-v1.5.patch
Apply buildroot-libtool-v1.5.patch rebased on libtool 1.5.2 used
in madplay and fixing all conflicts.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
---
ltmain.sh | 40 ++++++++++++++++++++++++++++++----------
1 file changed, 30 insertions(+), 10 deletions(-)
diff --git a/ltmain.sh b/ltmain.sh
index 4b9f940..0b71220 100644
--- a/ltmain.sh
+++ b/ltmain.sh
@@ -164,6 +164,11 @@ do
arg="$1"
shift
+ # Make -static behave as -all-static
+ case $arg in
+ -static) arg="-all-static" ;;
+ esac
+
case $arg in
-*=*) optarg=`$echo "X$arg" | $Xsed -e 's/[-_a-zA-Z0-9]*=//'` ;;
*) optarg= ;;
@@ -549,8 +554,9 @@ if test -z "$show_help"; then
# line option must be used.
if test -z "$tagname"; then
$echo "$modename: unable to infer tagged configuration"
- $echo "$modename: specify a tag with \`--tag'" 1>&2
- exit 1
+ $echo "$modename: defaulting to \`CC'"
+ $echo "$modename: if this is not correct, specify a tag with \`--tag'"
+# exit 1
# else
# $echo "$modename: using $tagname tagged configuration"
fi
@@ -1228,7 +1234,8 @@ EOF
prevarg="$arg"
case $arg in
- -all-static)
+ # Make -static behave like -all-static
+ -all-static | -static)
if test -n "$link_static_flag"; then
compile_command="$compile_command $link_static_flag"
finalize_command="$finalize_command $link_static_flag"
@@ -2135,8 +2142,14 @@ EOF
absdir="$abs_ladir"
libdir="$abs_ladir"
else
- dir="$libdir"
- absdir="$libdir"
+ # Adding 'libdir' from the .la file to our library search paths
+ # breaks crosscompilation horribly. We cheat here and don't add
+ # it, instead adding the path where we found the .la. -CL
+ dir="$abs_ladir"
+ absdir="$abs_ladir"
+ libdir="$abs_ladir"
+ #dir="$libdir"
+ #absdir="$libdir"
fi
else
dir="$ladir/$objdir"
@@ -2261,7 +2274,7 @@ EOF
{ test "$prefer_static_libs" = no || test -z "$old_library"; }; then
if test "$installed" = no; then
notinst_deplibs="$notinst_deplibs $lib"
- need_relink=yes
+ need_relink=no
fi
# This is a shared library
@@ -5146,6 +5159,10 @@ fi\
# Replace all uninstalled libtool libraries with the installed ones
newdependency_libs=
for deplib in $dependency_libs; do
+ # Replacing uninstalled with installed can easily break crosscompilation,
+ # since the installed path is generally the wrong architecture. -CL
+ newdependency_libs="$newdependency_libs $deplib"
+ continue
case $deplib in
*.la)
name=`$echo "X$deplib" | $Xsed -e 's%^.*/%%'`
@@ -5464,10 +5481,13 @@ relink_command=\"$relink_command\""
# At present, this check doesn't affect windows .dll's that
# are installed into $libdir/../bin (currently, that works fine)
# but it's something to keep an eye on.
- if test "$inst_prefix_dir" = "$destdir"; then
- $echo "$modename: error: cannot install \`$file' to a directory not ending in $libdir" 1>&2
- exit 1
- fi
+ #
+ # This breaks install into our staging area. -PB
+ #
+ # if test "$inst_prefix_dir" = "$destdir"; then
+ # $echo "$modename: error: cannot install \`$file' to a directory not ending in $libdir" 1>&2
+ # exit 1
+ # fi
if test -n "$inst_prefix_dir"; then
# Stick the inst_prefix_dir data into the link command.
--
2.9.4
+2 -2
View File
@@ -1,2 +1,2 @@
# From https://downloads.mariadb.org/mariadb/10.1.22/
sha256 bcb0572e7ad32cea9740a21e9255f733bdf60a5561ffbda317c22dd12b3966ce mariadb-10.1.22.tar.gz
# From https://downloads.mariadb.org/mariadb/10.1.23/
sha256 54d8114e24bfa5e3ebdc7d69e071ad1471912847ea481b227d204f9d644300bf mariadb-10.1.23.tar.gz
+4 -2
View File
@@ -4,10 +4,12 @@
#
################################################################################
MARIADB_VERSION = 10.1.22
MARIADB_VERSION = 10.1.23
MARIADB_SITE = https://downloads.mariadb.org/interstitial/mariadb-$(MARIADB_VERSION)/source
MARIADB_LICENSE = GPLv2 (server), GPLv2 with FLOSS exception (GPL client library), LGPLv2 (LGPL client library)
MARIADB_LICENSE_FILES = README COPYING COPYING.LESSER
# Tarball no longer contains LGPL license text
# https://jira.mariadb.org/browse/MDEV-12297
MARIADB_LICENSE_FILES = README COPYING
MARIADB_INSTALL_STAGING = YES
MARIADB_PROVIDES = mysql
+2 -7
View File
@@ -18,9 +18,7 @@ MONO_INSTALL_STAGING = YES
MONO_AUTORECONF = YES
# Disable managed code (mcs folder) from building
MONO_CONF_OPTS = --disable-gtk-doc \
--with-mcs-docs=no \
--with-moonlight=no \
MONO_CONF_OPTS = --with-mcs-docs=no \
--with-ikvm-native=no \
--enable-minimal=profiler,debug \
--disable-mcs-build \
@@ -31,7 +29,6 @@ MONO_CONF_OPTS = --disable-gtk-doc \
define MONO_INSTALL_LIBS
rsync -av --exclude=*.so --exclude=*.mdb \
$(HOST_DIR)/usr/lib/mono $(TARGET_DIR)/usr/lib/
rsync -av $(HOST_DIR)/etc/mono $(TARGET_DIR)/etc
endef
MONO_POST_INSTALL_TARGET_HOOKS += MONO_INSTALL_LIBS
@@ -44,9 +41,7 @@ MONO_DEPENDENCIES += host-mono
## Mono managed
HOST_MONO_CONF_OPTS = --disable-gtk-doc \
--with-mcs-docs=no \
--with-moonlight=no \
HOST_MONO_CONF_OPTS = --with-mcs-docs=no \
--disable-libraries \
--with-ikvm-native=no \
--enable-minimal=profiler,debug \
+2 -2
View File
@@ -1,2 +1,2 @@
# From https://www.eclipse.org/downloads/download.php?file=/mosquitto/source/mosquitto-1.4.10.tar.gz
sha512 fe5d6d7196a137a496ba6881c77d852396baefb4f0b83ccd9a22175fc05b09e48a09ea249e30ec7db966e11de134ebcc4e2e9b1fd40b31dc59fb0fa2f60b75a1 mosquitto-1.4.10.tar.gz
# Locally computed:
sha512 75e6105498869ab13265df7a0bea6052c014d59d0c0efb61162d8257d34c0153fce32130e84c28e99fd494f374949aac5e01c19f7439c2eea575b52ef1179c3c mosquitto-1.4.12.tar.gz
+8 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
MOSQUITTO_VERSION = 1.4.10
MOSQUITTO_VERSION = 1.4.12
MOSQUITTO_SITE = http://mosquitto.org/files/source
MOSQUITTO_LICENSE = EPLv1.0 or EDLv1.0
MOSQUITTO_LICENSE_FILES = LICENSE.txt epl-v10 edl-v10
@@ -17,6 +17,13 @@ MOSQUITTO_MAKE_OPTS = \
WITH_WRAP=no \
WITH_DOCS=no
# adns uses getaddrinfo_a
ifeq ($(BR2_TOOLCHAIN_USES_GLIBC),y)
MOSQUITTO_MAKE_OPTS += WITH_ADNS=yes
else
MOSQUITTO_MAKE_OPTS += WITH_ADNS=no
endif
ifeq ($(BR2_TOOLCHAIN_HAS_THREADS),y)
MOSQUITTO_MAKE_OPTS += WITH_THREADING=yes
else
+1 -1
View File
@@ -5,7 +5,7 @@
################################################################################
MXML_VERSION = 2.10
MXML_SITE = http://www.msweet.org/files/project3
MXML_SITE = https://github.com/michaelrsweet/mxml/releases/download/release-$(MXML_VERSION)
MXML_LICENSE = LGPLv2+ with exceptions
MXML_LICENSE_FILES = COPYING
MXML_INSTALL_STAGING = YES
+23
View File
@@ -0,0 +1,23 @@
ntpq/Makefile.am: add NTP_HARD_CFLAGS
Pass NTP_HARD_CFLAGS when building ntpq, like in all other ntp
modules, to make sure -fPIC is passed.
Originally taken from
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=494143c3b4921a5c8b8596d58f2c8b98296bf688.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Index: b/ntpq/Makefile.am
===================================================================
--- a/ntpq/Makefile.am
+++ b/ntpq/Makefile.am
@@ -23,7 +23,7 @@
ntpq_LDADD += $(LDADD_NTP)
noinst_HEADERS= ntpq.h
noinst_LIBRARIES= libntpq.a
-libntpq_a_CFLAGS= -DNO_MAIN_ALLOWED -DBUILD_AS_LIB
+libntpq_a_CFLAGS= $(NTP_HARD_CFLAGS) -DNO_MAIN_ALLOWED -DBUILD_AS_LIB
CLEANFILES=
DISTCLEANFILES= .version version.c config.log $(man_MANS)
ETAGS_ARGS= Makefile.am
+1
View File
@@ -21,6 +21,7 @@ NTP_CONF_OPTS = \
--with-crypto
# 0002-ntp-syscalls-fallback.patch
# 0003-ntpq-fpic.patch
NTP_AUTORECONF = YES
ifeq ($(BR2_TOOLCHAIN_HAS_SSP),y)
+1 -1
View File
@@ -6,7 +6,7 @@
NVIDIA_DRIVER_VERSION = 375.20
NVIDIA_DRIVER_SUFFIX = $(if $(BR2_x86_64),_64)
NVIDIA_DRIVER_SITE = ftp://download.nvidia.com/XFree86/Linux-x86$(NVIDIA_DRIVER_SUFFIX)/$(NVIDIA_DRIVER_VERSION)
NVIDIA_DRIVER_SITE = http://download.nvidia.com/XFree86/Linux-x86$(NVIDIA_DRIVER_SUFFIX)/$(NVIDIA_DRIVER_VERSION)
NVIDIA_DRIVER_SOURCE = NVIDIA-Linux-x86$(NVIDIA_DRIVER_SUFFIX)-$(NVIDIA_DRIVER_VERSION).run
NVIDIA_DRIVER_LICENSE = NVIDIA Software License
NVIDIA_DRIVER_LICENSE_FILES = LICENSE
+2 -1
View File
@@ -31,7 +31,8 @@ config BR2_PACKAGE_OPENBLAS_DEFAULT_TARGET
default "SICORTEX" if BR2_MIPS_CPU_MIPS64
# I6400 is built with MSA support which is only available in Codescape toolchains
default "I6400" if BR2_mips_i6400 && BR2_TOOLCHAIN_EXTERNAL_CODESCAPE_IMG_MIPS
default "SPARC" if BR2_sparc
# OpenBLAS assumes SPARC=Sparc v9
default "SPARC" if BR2_sparc_v9
# Cortex-A15 always have a VFPv4
default "CORTEXA15" if (BR2_cortex_a15 && BR2_ARM_EABIHF)
# Cortex-A9 have an optional VFPv3, so we need to make sure it
+7
View File
@@ -14,6 +14,13 @@ config BR2_PACKAGE_OPENVPN
if BR2_PACKAGE_OPENVPN
config BR2_PACKAGE_OPENVPN_LZ4
bool "LZ4 compression"
default y
select BR2_PACKAGE_LZ4
help
Enable LZ4 compression.
config BR2_PACKAGE_OPENVPN_LZO
bool "LZO compression"
default y
+1 -1
View File
@@ -1,2 +1,2 @@
# Locally calculated
sha256 6f23ba49a1dbeb658f49c7ae17d9ea979de6d92c7357de3d55cd4525e1b2f87e openvpn-2.4.0.tar.xz
sha256 df5c4f384b7df6b08a2f6fa8a84b9fd382baf59c2cef1836f82e2a7f62f1bff9 openvpn-2.4.2.tar.xz
+8 -3
View File
@@ -4,7 +4,7 @@
#
################################################################################
OPENVPN_VERSION = 2.4.0
OPENVPN_VERSION = 2.4.2
OPENVPN_SOURCE = openvpn-$(OPENVPN_VERSION).tar.xz
OPENVPN_SITE = http://swupdate.openvpn.net/community/releases
OPENVPN_DEPENDENCIES = host-pkgconf openssl
@@ -22,8 +22,7 @@ OPENVPN_CONF_ENV = IFCONFIG=/sbin/ifconfig \
ifeq ($(BR2_PACKAGE_OPENVPN_SMALL),y)
OPENVPN_CONF_OPTS += \
--enable-small \
--disable-plugins \
--disable-eurephia
--disable-plugins
endif
# BusyBox 1.21+ places the ip applet in the "correct" place
@@ -36,6 +35,12 @@ else
OPENVPN_CONF_ENV += IPROUTE=/sbin/ip
endif
ifeq ($(BR2_PACKAGE_OPENVPN_LZ4),y)
OPENVPN_DEPENDENCIES += lz4
else
OPENVPN_CONF_OPTS += --disable-lz4
endif
ifeq ($(BR2_PACKAGE_OPENVPN_LZO),y)
OPENVPN_DEPENDENCIES += lzo
else
@@ -0,0 +1,22 @@
Fix type conversion
Fixes the following build error with gcc 6.x:
protocol.cc:27:40: error: narrowing conversion of ''\37777777776'' from 'char' to 'uchar {aka unsigned char}' inside { } [-Wnarrowing]
static uchar eof_buff[1]= { (char) 254 }; /* Marker for end of fields */
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Index: b/server-tools/instance-manager/protocol.cc
===================================================================
--- a/server-tools/instance-manager/protocol.cc
+++ b/server-tools/instance-manager/protocol.cc
@@ -24,7 +24,7 @@
#include <m_string.h>
-static uchar eof_buff[1]= { (char) 254 }; /* Marker for end of fields */
+static uchar eof_buff[1]= { (uchar) 254 }; /* Marker for end of fields */
static const char ERROR_PACKET_CODE= (char) 255;
+2 -1
View File
@@ -10,7 +10,8 @@ PICOCOM_LICENSE = GPLv2+
PICOCOM_LICENSE_FILES = LICENSE.txt
define PICOCOM_BUILD_CMDS
$(TARGET_MAKE_ENV) $(TARGET_CONFIGURE_OPTS) $(MAKE) -C $(@D)
$(TARGET_MAKE_ENV) $(TARGET_CONFIGURE_OPTS) $(MAKE) \
LDFLAGS="$(TARGET_LDFLAGS)" -C $(@D)
endef
define PICOCOM_INSTALL_TARGET_CMDS
+1
View File
@@ -683,6 +683,7 @@ $(1)-legal-source: $$($(2)_TARGET_ACTUAL_SOURCE)
endif # actual sources != sources
endif # actual sources != ""
$(1)-source-check: PKG=$(2)
$(1)-source-check:
$$(foreach p,$$($(2)_ALL_DOWNLOADS),$$(call SOURCE_CHECK,$$(p))$$(sep))
+1
View File
@@ -21,6 +21,7 @@ POPT_CONF_ENV = ac_cv_va_copy=yes
ifeq ($(BR2_PACKAGE_LIBICONV),y)
POPT_CONF_ENV += am_cv_lib_iconv=yes
POPT_CONF_OPTS += --with-libiconv-prefix=$(STAGING_DIR)/usr
POPT_DEPENDENCIES += libiconv
endif
$(eval $(autotools-package))
+2 -2
View File
@@ -1,2 +1,2 @@
# From https://ftp.postgresql.org/pub/source/v9.6.1/postgresql-9.6.1.tar.bz2.sha256
sha256 e5101e0a49141fc12a7018c6dad594694d3a3325f5ab71e93e0e51bd94e51fcd postgresql-9.6.1.tar.bz2
# From https://ftp.postgresql.org/pub/source/v9.6.3/postgresql-9.6.3.tar.bz2.sha256
sha256 1645b3736901f6d854e695a937389e68ff2066ce0cde9d73919d6ab7c995b9c6 postgresql-9.6.3.tar.bz2
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
POSTGRESQL_VERSION = 9.6.1
POSTGRESQL_VERSION = 9.6.3
POSTGRESQL_SOURCE = postgresql-$(POSTGRESQL_VERSION).tar.bz2
POSTGRESQL_SITE = http://ftp.postgresql.org/pub/source/v$(POSTGRESQL_VERSION)
POSTGRESQL_LICENSE = PostgreSQL
@@ -0,0 +1,28 @@
From 6ad4d7a6f17edecc3523a7ab3d627f9a70dbacc1 Mon Sep 17 00:00:00 2001
From: Uwe Hermann <uwe@hermann-uwe.de>
Date: Wed, 17 May 2017 11:00:44 +0200
Subject: [PATCH] CMakeLists.txt: Avoid -fext-numeric-literals, (not supported
by clang).
This (re-)fixes bug #863.
Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
---
CMakeLists.txt | 1 +
1 file changed, 1 insertion(+)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index e8bc79f..e7e4432 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -395,6 +395,7 @@ add_definitions(${QT_DEFINITIONS} -DQT_NO_KEYWORDS)
add_definitions(-D__STDC_LIMIT_MACROS)
add_definitions(-Wall -Wextra)
add_definitions(-std=c++11)
+add_definitions(-DBOOST_MATH_DISABLE_FLOAT128=1)
if(ENABLE_DECODE)
add_definitions(-DENABLE_DECODE)
--
2.9.3
@@ -0,0 +1,42 @@
From fe8a9bacf781fcf290e04a08f2b8e37d881d58bb Mon Sep 17 00:00:00 2001
From: Peter Seiderer <ps.report@gmx.net>
Date: Thu, 27 Apr 2017 22:41:28 +0200
Subject: [PATCH] examples: fix compile without gui module
Fixes:
Project ERROR: Could not find feature opengl.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
---
examples/gui/gui.pro | 2 +-
examples/widgets/widgets.pro | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/examples/gui/gui.pro b/examples/gui/gui.pro
index a4d960d3f5..b8080c2075 100644
--- a/examples/gui/gui.pro
+++ b/examples/gui/gui.pro
@@ -6,5 +6,5 @@ CONFIG += no_docs_target
SUBDIRS += analogclock
SUBDIRS += rasterwindow
-qtConfig(opengl): \
+qtHaveModule(gui):qtConfig(opengl): \
SUBDIRS += openglwindow
diff --git a/examples/widgets/widgets.pro b/examples/widgets/widgets.pro
index 513ddc91f2..cef4936d32 100644
--- a/examples/widgets/widgets.pro
+++ b/examples/widgets/widgets.pro
@@ -22,7 +22,7 @@ SUBDIRS = \
tutorials \
widgets
-qtConfig(opengl): \
+qtHaveModule(gui):qtConfig(opengl): \
SUBDIRS += windowcontainer
contains(DEFINES, QT_NO_CURSOR): SUBDIRS -= mainwindows
--
2.11.0
+6
View File
@@ -41,6 +41,12 @@ else
QWT_CONFIG += -e 's/^.*QWT_CONFIG.*QwtOpenGL.*$$/\# QWT_CONFIG += QwtOpenGL/'
endif
ifeq ($(BR2_STATIC_LIBS),y)
QWT_CONFIG += -e 's/^.*QWT_CONFIG.*QwtDll.*$$/\# QWT_CONFIG += QwtDll/'
else
QWT_CONFIG += -e 's/^.*QWT_CONFIG.*QwtDll.*$$/QWT_CONFIG += QwtDll/'
endif
define QWT_CONFIGURE_CMDS
$(SED) $(QWT_CONFIG) $(@D)/qwtconfig.pri
(cd $(@D); $(TARGET_MAKE_ENV) $(QWT_QMAKE))
+8 -2
View File
@@ -21,14 +21,20 @@ else ifeq ($(BR2_SHARED_LIBS),y)
RABBITMQ_C_CONF_OPTS += -DBUILD_SHARED_LIBS=ON -DBUILD_STATIC_LIBS=OFF
endif
ifeq ($(BR2_PACKAGE_OPENSSL),y)
# CMake OpenSSL detection is buggy, and doesn't properly use
# pkg-config, so it fails when statically linking. See
# https://gitlab.kitware.com/cmake/cmake/issues/16885.
ifeq ($(BR2_PACKAGE_OPENSSL):$(BR2_STATIC_LIBS),y:)
RABBITMQ_C_CONF_OPTS += -DENABLE_SSL_SUPPORT=ON
RABBITMQ_C_DEPENDENCIES += openssl
else
RABBITMQ_C_CONF_OPTS += -DENABLE_SSL_SUPPORT=OFF
endif
ifeq ($(BR2_PACKAGE_POPT), y)
# Popt is sometimes linked against libintl, but CMake doesn't know
# about that, and there's no way to tell manually CMake to link
# against an additional library.
ifeq ($(BR2_PACKAGE_POPT):$(BR2_STATIC_LIBS),y:)
RABBITMQ_C_CONF_OPTS += -DBUILD_TOOLS=ON
RABBITMQ_C_DEPENDENCIES += popt
else
+9 -4
View File
@@ -13,17 +13,22 @@ define REDIS_USERS
redis -1 redis -1 * /var/lib/redis /bin/false - Redis Server
endef
# Uses __atomic_fetch_add_4
# Uses __atomic_fetch_add_4. Adding -latomic to LDFLAGS does not work,
# because LDFLAGS is used before the list of object files. We need to
# add -latomic to FINAL_LIBS to provide -latomic at the correct place
# in the linking command.
ifeq ($(BR2_TOOLCHAIN_HAS_LIBATOMIC),y)
REDIS_LIBATOMIC = -latomic
define REDIS_FIX_MAKEFILE
$(SED) 's/FINAL_LIBS=-lm/FINAL_LIBS=-lm -latomic/' $(@D)/src/Makefile
endef
REDIS_POST_PATCH_HOOKS = REDIS_FIX_MAKEFILE
endif
# Redis doesn't support DESTDIR (yet, see
# https://github.com/antirez/redis/pull/609). We set PREFIX
# instead.
REDIS_BUILDOPTS = $(TARGET_CONFIGURE_OPTS) \
LDFLAGS="$(TARGET_LDFLAGS) $(REDIS_LIBATOMIC)" \
PREFIX=$(TARGET_DIR)/usr MALLOC=libc \
PREFIX=$(TARGET_DIR)/usr MALLOC=libc
define REDIS_BUILD_CMDS
$(TARGET_MAKE_ENV) $(MAKE) $(REDIS_BUILDOPTS) -C $(@D)
@@ -0,0 +1,231 @@
From 093bf65c79af417cffa09d6475f58923540eebcc Mon Sep 17 00:00:00 2001
From: Doran Moppert <dmoppert@redhat.com>
Date: Thu, 11 May 2017 11:42:54 -0400
Subject: [PATCH] rpcbind: pair all svc_getargs() calls with svc_freeargs() to
avoid memory leak
This patch is to address CVE-2017-8779 "rpcbomb" in rpcbind, discussed
at [1], [2], [3]. The last link suggests this issue is actually a bug
in rpcbind, which led me here.
The leak caused by the reproducer at [4] appears to come from
rpcb_service_4(), in the case where svc_getargs() returns false and the
function had an early return, rather than passing through the cleanup
path at done:, as would otherwise occur.
It also addresses a couple of other locations where the same fault seems
to exist, though I haven't been able to exercise those. I hope someone
more intimate with rpc(3) can confirm my understanding is correct, and
that I haven't introduced any new bugs.
Without this patch, using the reproducer (and variants) repeatedly
against rpcbind with a numBytes argument of 1_000_000_000, /proc/$(pidof
rpcbind)/status reports VmSize increase of 976564 kB each call, and
VmRSS increase of around 260 kB every 33 calls - the specific numbers
are probably an artifact of my rhel/glibc version. With the patch,
there is a small (~50 kB) VmSize increase with the first message, but
thereafter both VmSize and VmRSS remain steady.
[1]: http://seclists.org/oss-sec/2017/q2/209
[2]: https://bugzilla.redhat.com/show_bug.cgi?id=1448124
[3]: https://sourceware.org/ml/libc-alpha/2017-05/msg00129.html
[4]: https://github.com/guidovranken/rpcbomb/
Signed-off-by: Doran Moppert <dmoppert@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
(cherry picked from commit 7ea36eeece56b59f98e469934e4c20b4da043346)
[Peter: unconditionally include syslog.h for LOG_DEBUG]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
src/pmap_svc.c | 58 ++++++++++++++++++++++++++++++++++++++++++++----------
src/rpcb_svc.c | 2 +-
src/rpcb_svc_4.c | 2 +-
src/rpcb_svc_com.c | 8 ++++++++
4 files changed, 58 insertions(+), 12 deletions(-)
diff --git a/src/pmap_svc.c b/src/pmap_svc.c
index ad28b93..f730bed 100644
--- a/src/pmap_svc.c
+++ b/src/pmap_svc.c
@@ -53,8 +53,8 @@ static char sccsid[] = "@(#)pmap_svc.c 1.23 89/04/05 Copyr 1984 Sun Micro";
#include <rpc/rpc.h>
#include <rpc/pmap_prot.h>
#include <rpc/rpcb_prot.h>
-#ifdef RPCBIND_DEBUG
#include <syslog.h>
+#ifdef RPCBIND_DEBUG
#include <stdlib.h>
#endif
#include "rpcbind.h"
@@ -175,6 +175,7 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long
long ans;
uid_t uid;
char uidbuf[32];
+ int rc = TRUE;
/*
* Can't use getpwnam here. We might end up calling ourselves
@@ -194,7 +195,8 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long
if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (char *)&reg)) {
svcerr_decode(xprt);
- return (FALSE);
+ rc = FALSE;
+ goto done;
}
#ifdef RPCBIND_DEBUG
if (debugging)
@@ -205,7 +207,8 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long
if (!check_access(xprt, op, reg.pm_prog, PMAPVERS)) {
svcerr_weakauth(xprt);
- return (FALSE);
+ rc = (FALSE);
+ goto done;
}
rpcbreg.r_prog = reg.pm_prog;
@@ -258,7 +261,16 @@ done_change:
rpcbs_set(RPCBVERS_2_STAT, ans);
else
rpcbs_unset(RPCBVERS_2_STAT, ans);
- return (TRUE);
+done:
+ if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)&reg)) {
+ if (debugging) {
+ (void) xlog(LOG_DEBUG, "unable to free arguments\n");
+ if (doabort) {
+ rpcbind_abort();
+ }
+ }
+ }
+ return (rc);
}
/* ARGSUSED */
@@ -272,15 +284,18 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
#ifdef RPCBIND_DEBUG
char *uaddr;
#endif
+ int rc = TRUE;
if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (char *)&reg)) {
svcerr_decode(xprt);
- return (FALSE);
+ rc = FALSE;
+ goto done;
}
if (!check_access(xprt, PMAPPROC_GETPORT, reg.pm_prog, PMAPVERS)) {
svcerr_weakauth(xprt);
- return FALSE;
+ rc = FALSE;
+ goto done;
}
#ifdef RPCBIND_DEBUG
@@ -330,21 +345,34 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
pmap_ipprot2netid(reg.pm_prot) ?: "<unknown>",
port ? udptrans : "");
- return (TRUE);
+done:
+ if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)&reg)) {
+ if (debugging) {
+ (void) xlog(LOG_DEBUG, "unable to free arguments\n");
+ if (doabort) {
+ rpcbind_abort();
+ }
+ }
+ }
+ return (rc);
}
/* ARGSUSED */
static bool_t
pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
{
+ int rc = TRUE;
+
if (!svc_getargs(xprt, (xdrproc_t)xdr_void, NULL)) {
svcerr_decode(xprt);
- return (FALSE);
+ rc = FALSE;
+ goto done;
}
if (!check_access(xprt, PMAPPROC_DUMP, 0, PMAPVERS)) {
svcerr_weakauth(xprt);
- return FALSE;
+ rc = FALSE;
+ goto done;
}
if ((!svc_sendreply(xprt, (xdrproc_t) xdr_pmaplist_ptr,
@@ -354,7 +382,17 @@ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
rpcbind_abort();
}
}
- return (TRUE);
+
+done:
+ if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)NULL)) {
+ if (debugging) {
+ (void) xlog(LOG_DEBUG, "unable to free arguments\n");
+ if (doabort) {
+ rpcbind_abort();
+ }
+ }
+ }
+ return (rc);
}
int pmap_netid2ipprot(const char *netid)
diff --git a/src/rpcb_svc.c b/src/rpcb_svc.c
index bd92201..0c22a9d 100644
--- a/src/rpcb_svc.c
+++ b/src/rpcb_svc.c
@@ -166,7 +166,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp)
svcerr_decode(transp);
if (debugging)
(void) xlog(LOG_DEBUG, "rpcbind: could not decode");
- return;
+ goto done;
}
if (rqstp->rq_proc == RPCBPROC_SET
diff --git a/src/rpcb_svc_4.c b/src/rpcb_svc_4.c
index b673452..3e37b54 100644
--- a/src/rpcb_svc_4.c
+++ b/src/rpcb_svc_4.c
@@ -220,7 +220,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp)
svcerr_decode(transp);
if (debugging)
(void) xlog(LOG_DEBUG, "rpcbind: could not decode\n");
- return;
+ goto done;
}
if (rqstp->rq_proc == RPCBPROC_SET
diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
index ff9ce6b..98ede61 100644
--- a/src/rpcb_svc_com.c
+++ b/src/rpcb_svc_com.c
@@ -931,6 +931,14 @@ error:
if (call_msg.rm_xid != 0)
(void) free_slot_by_xid(call_msg.rm_xid);
out:
+ if (!svc_freeargs(transp, (xdrproc_t) xdr_rmtcall_args, (char *) &a)) {
+ if (debugging) {
+ (void) xlog(LOG_DEBUG, "unable to free arguments\n");
+ if (doabort) {
+ rpcbind_abort();
+ }
+ }
+ }
if (local_uaddr)
free(local_uaddr);
if (buf_alloc)
--
2.11.0
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
RTMPDUMP_VERSION = a107cef9b392616dff54fabfd37f985ee2190a6f
RTMPDUMP_VERSION = fa8646daeb19dfd12c181f7d19de708d623704c0
RTMPDUMP_SITE = git://git.ffmpeg.org/rtmpdump
RTMPDUMP_INSTALL_STAGING = YES
# Note that rtmpdump is GPLv2 but librtmp has its own license and since we only
+1 -1
View File
@@ -1,2 +1,2 @@
# Locally calculated
sha256 f63b656d8823a280c50c9dbd6b692816cd7a88adfe9b47997ce697fd75bf81f0 samba-4.5.8.tar.gz
sha256 7cb753f5f6d5527ef40d4c1f47dacafb7c876cb304b4906ccb390c6a18477714 samba-4.5.10.tar.gz
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
SAMBA4_VERSION = 4.5.8
SAMBA4_VERSION = 4.5.10
SAMBA4_SITE = https://download.samba.org/pub/samba/stable
SAMBA4_SOURCE = samba-$(SAMBA4_VERSION).tar.gz
SAMBA4_INSTALL_STAGING = YES
@@ -0,0 +1,55 @@
From 0b906cb025a506be1b73e5b485179585d1a90be2 Mon Sep 17 00:00:00 2001
From: Baruch Siach <baruch@tkos.co.il>
Date: Thu, 11 May 2017 14:04:47 +0300
Subject: [PATCH] af_alg: fix crypt() definition conflict
Rename the crypt() method to avoid conflict with POSIX crypt(). Fixes the
following build failure with musl libc:
In file included from ../../../../src/libstrongswan/utils/utils.h:53:0,
from ../../../../src/libstrongswan/library.h:101,
from af_alg_ops.h:24,
from af_alg_ops.c:16:
af_alg_ops.c:110:22: error: conflicting types for 'crypt'
METHOD(af_alg_ops_t, crypt, bool,
^
../../../../src/libstrongswan/utils/utils/object.h:99:13: note: in definition of macro 'METHOD'
static ret name(union {iface *_public; this;} \
^
In file included from af_alg_ops.c:18:0:
.../host/usr/x86_64-buildroot-linux-musl/sysroot/usr/include/unistd.h:144:7: note: previous declaration of 'crypt' was here
char *crypt(const char *, const char *);
^
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Upstream status: https://github.com/strongswan/strongswan/pull/72
src/libstrongswan/plugins/af_alg/af_alg_ops.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_ops.c b/src/libstrongswan/plugins/af_alg/af_alg_ops.c
index 331d1e8010aa..452cd1ac30c9 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_ops.c
+++ b/src/libstrongswan/plugins/af_alg/af_alg_ops.c
@@ -107,7 +107,7 @@ METHOD(af_alg_ops_t, hash, bool,
return TRUE;
}
-METHOD(af_alg_ops_t, crypt, bool,
+METHOD(af_alg_ops_t, crypt_, bool,
private_af_alg_ops_t *this, u_int32_t type, chunk_t iv, chunk_t data,
char *out)
{
@@ -224,7 +224,7 @@ af_alg_ops_t *af_alg_ops_create(char *type, char *alg)
.public = {
.hash = _hash,
.reset = _reset,
- .crypt = _crypt,
+ .crypt = _crypt_,
.set_key = _set_key,
.destroy = _destroy,
},
--
2.11.0
+3
View File
@@ -2,3 +2,6 @@
md5 9d7c77b0da9b69f859624897e5e9ebbf strongswan-5.4.0.tar.bz2
# Calculated based on the hash above
sha256 f8288faaea6a9cd8a7d413c0b76b7922be5da3dfcd01fd05cb30d2c55d3bbe89 strongswan-5.4.0.tar.bz2
# Locally calculated
sha256 f5ba7f46cf7ae81dd81bc86f9e4cfa0c5c7c6987149b3bc9c0b8bf08598a1063 strongswan-4.4.0-5.5.2_gmp_mpz_powm_sec.patch
sha256 03db8c7a4133e877e8992e155c046dd27ec4810d50f239abf55595f0280caf31 strongswan-5.0.0-5.5.2_asn1_choice.patch
+3
View File
@@ -7,6 +7,9 @@
STRONGSWAN_VERSION = 5.4.0
STRONGSWAN_SOURCE = strongswan-$(STRONGSWAN_VERSION).tar.bz2
STRONGSWAN_SITE = http://download.strongswan.org
STRONGSWAN_PATCH = \
$(STRONGSWAN_SITE)/patches/21_gmp_mpz_powm_sec_patch/strongswan-4.4.0-5.5.2_gmp_mpz_powm_sec.patch \
$(STRONGSWAN_SITE)/patches/22_asn1_choice_patch/strongswan-5.0.0-5.5.2_asn1_choice.patch
STRONGSWAN_LICENSE = GPLv2+
STRONGSWAN_LICENSE_FILES = COPYING LICENSE
STRONGSWAN_DEPENDENCIES = host-pkgconf
@@ -0,0 +1,264 @@
Downloaded from upstream: https://www.sudo.ws/repos/sudo/raw-rev/b5460cbbb11b
# HG changeset patch
# User Todd C. Miller <Todd.Miller@courtesan.com>
# Date 1496089973 21600
# Node ID b5460cbbb11bbf9d92ffcc6798a686cf4125efd3
# Parent c303e6eecc7841e2f891d70613e80fcf27fa6e86
Fix for CVE-2017-1000367, parsing of /proc/pid/stat on Linux when
the process name contains spaces. Since the user has control over
the command name this could be used by a user with sudo access to
overwrite an arbitrary file.
Thanks to Qualys for investigating and reporting this bug.
Also stop performing a breadth-first traversal of /dev when looking
for the device. Only the directories specified in search_devs[]
are checked.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
diff -r c303e6eecc78 -r b5460cbbb11b src/ttyname.c
--- a/src/ttyname.c Tue May 23 13:26:54 2017 -0600
+++ b/src/ttyname.c Mon May 29 14:32:53 2017 -0600
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012-2016 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2012-2017 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -145,20 +145,22 @@
}
#elif defined(HAVE_STRUCT_PSINFO_PR_TTYDEV) || defined(HAVE_PSTAT_GETPROC) || defined(__linux__)
/*
- * Devices to search before doing a breadth-first scan.
+ * Device nodes and directories to search before searching all of /dev
*/
static char *search_devs[] = {
"/dev/console",
- "/dev/wscons",
- "/dev/pts/",
- "/dev/vt/",
- "/dev/term/",
- "/dev/zcons/",
+ "/dev/pts/", /* POSIX pty */
+ "/dev/vt/", /* Solaris virtual console */
+ "/dev/term/", /* Solaris serial ports */
+ "/dev/zcons/", /* Solaris zone console */
+ "/dev/pty/", /* HP-UX old-style pty */
NULL
};
+/*
+ * Device nodes to ignore when searching all of /dev
+ */
static char *ignore_devs[] = {
- "/dev/fd/",
"/dev/stdin",
"/dev/stdout",
"/dev/stderr",
@@ -166,16 +168,18 @@
};
/*
- * Do a breadth-first scan of dir looking for the specified device.
+ * Do a scan of a directory looking for the specified device.
+ * Does not descend into subdirectories.
* Returns name on success and NULL on failure, setting errno.
*/
static char *
-sudo_ttyname_scan(const char *dir, dev_t rdev, bool builtin, char *name, size_t namelen)
+sudo_ttyname_scan(const char *dir, dev_t rdev, char *name, size_t namelen)
{
- size_t sdlen, num_subdirs = 0, max_subdirs = 0;
- char pathbuf[PATH_MAX], **subdirs = NULL;
+ size_t sdlen;
+ char pathbuf[PATH_MAX];
char *ret = NULL;
struct dirent *dp;
+ struct stat sb;
unsigned int i;
DIR *d = NULL;
debug_decl(sudo_ttyname_scan, SUDO_DEBUG_UTIL)
@@ -187,6 +191,18 @@
if ((d = opendir(dir)) == NULL)
goto done;
+ if (fstat(dirfd(d), &sb) == -1) {
+ sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+ "unable to fstat %s", dir);
+ goto done;
+ }
+ if ((sb.st_mode & S_IWOTH) != 0) {
+ sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+ "ignoring world-writable directory %s", dir);
+ errno = ENOENT;
+ goto done;
+ }
+
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"scanning for dev %u in %s", (unsigned int)rdev, dir);
@@ -224,18 +240,6 @@
}
if (ignore_devs[i] != NULL)
continue;
- if (!builtin) {
- /* Skip entries in search_devs; we already checked them. */
- for (i = 0; search_devs[i] != NULL; i++) {
- len = strlen(search_devs[i]);
- if (search_devs[i][len - 1] == '/')
- len--;
- if (d_len == len && strncmp(pathbuf, search_devs[i], len) == 0)
- break;
- }
- if (search_devs[i] != NULL)
- continue;
- }
# if defined(HAVE_STRUCT_DIRENT_D_TYPE) && defined(DTTOIF)
/*
* Avoid excessive stat() calls by checking dp->d_type.
@@ -248,39 +252,14 @@
if (stat(pathbuf, &sb) == -1)
continue;
break;
- case DT_DIR:
- /* Directory, no need to stat() it. */
- sb.st_mode = DTTOIF(dp->d_type);
- sb.st_rdev = 0; /* quiet ccc-analyzer false positive */
- break;
default:
- /* Not a character device, link or directory, skip it. */
+ /* Not a character device or link, skip it. */
continue;
}
# else
if (stat(pathbuf, &sb) == -1)
continue;
# endif
- if (S_ISDIR(sb.st_mode)) {
- if (!builtin) {
- /* Add to list of subdirs to search. */
- if (num_subdirs + 1 > max_subdirs) {
- char **new_subdirs;
-
- new_subdirs = reallocarray(subdirs, max_subdirs + 64,
- sizeof(char *));
- if (new_subdirs == NULL)
- goto done;
- subdirs = new_subdirs;
- max_subdirs += 64;
- }
- subdirs[num_subdirs] = strdup(pathbuf);
- if (subdirs[num_subdirs] == NULL)
- goto done;
- num_subdirs++;
- }
- continue;
- }
if (S_ISCHR(sb.st_mode) && sb.st_rdev == rdev) {
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"resolved dev %u as %s", (unsigned int)rdev, pathbuf);
@@ -296,16 +275,9 @@
}
}
- /* Search subdirs if we didn't find it in the root level. */
- for (i = 0; ret == NULL && i < num_subdirs; i++)
- ret = sudo_ttyname_scan(subdirs[i], rdev, false, name, namelen);
-
done:
if (d != NULL)
closedir(d);
- for (i = 0; i < num_subdirs; i++)
- free(subdirs[i]);
- free(subdirs);
debug_return_str(ret);
}
@@ -324,7 +296,7 @@
debug_decl(sudo_ttyname_dev, SUDO_DEBUG_UTIL)
/*
- * First check search_devs for common tty devices.
+ * First check search_devs[] for common tty devices.
*/
for (sd = search_devs; (devname = *sd) != NULL; sd++) {
len = strlen(devname);
@@ -349,7 +321,7 @@
"comparing dev %u to %s: no", (unsigned int)rdev, buf);
} else {
/* Traverse directory */
- ret = sudo_ttyname_scan(devname, rdev, true, name, namelen);
+ ret = sudo_ttyname_scan(devname, rdev, name, namelen);
if (ret != NULL || errno == ENOMEM)
goto done;
}
@@ -367,9 +339,9 @@
}
/*
- * Not found? Do a breadth-first traversal of /dev/.
+ * Not found? Check all device nodes in /dev.
*/
- ret = sudo_ttyname_scan(_PATH_DEV, rdev, false, name, namelen);
+ ret = sudo_ttyname_scan(_PATH_DEV, rdev, name, namelen);
done:
debug_return_str(ret);
@@ -493,28 +465,35 @@
len = getline(&line, &linesize, fp);
fclose(fp);
if (len != -1) {
- /* Field 7 is the tty dev (0 if no tty) */
- char *cp = line;
- char *ep = line;
- const char *errstr;
- int field = 0;
- while (*++ep != '\0') {
- if (*ep == ' ') {
- *ep = '\0';
- if (++field == 7) {
- dev_t tdev = strtonum(cp, INT_MIN, INT_MAX, &errstr);
- if (errstr) {
- sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
- "%s: tty device %s: %s", path, cp, errstr);
+ /*
+ * Field 7 is the tty dev (0 if no tty).
+ * Since the process name at field 2 "(comm)" may include spaces,
+ * start at the last ')' found.
+ */
+ char *cp = strrchr(line, ')');
+ if (cp != NULL) {
+ char *ep = cp;
+ const char *errstr;
+ int field = 1;
+
+ while (*++ep != '\0') {
+ if (*ep == ' ') {
+ *ep = '\0';
+ if (++field == 7) {
+ dev_t tdev = strtonum(cp, INT_MIN, INT_MAX, &errstr);
+ if (errstr) {
+ sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+ "%s: tty device %s: %s", path, cp, errstr);
+ }
+ if (tdev > 0) {
+ errno = serrno;
+ ret = sudo_ttyname_dev(tdev, name, namelen);
+ goto done;
+ }
+ break;
}
- if (tdev > 0) {
- errno = serrno;
- ret = sudo_ttyname_dev(tdev, name, namelen);
- goto done;
- }
- break;
+ cp = ep + 1;
}
- cp = ep + 1;
}
}
}
+7
View File
@@ -40,6 +40,13 @@ endif
ifeq ($(BR2_PACKAGE_OPENLDAP),y)
SUDO_DEPENDENCIES += openldap
SUDO_CONF_OPTS += --with-ldap
# If we are building sudo statically and openldap was linked with openssl, then
# when we link sudo with openldap we need to specify the openssl libs, otherwise
# it will fail with "undefined reference" errors.
ifeq ($(BR2_STATIC_LIBS)$(BR2_PACKAGE_OPENSSL),yy)
SUDO_DEPENDENCIES += host-pkgconf
SUDO_CONF_ENV = LIBS="`$(PKG_CONFIG_HOST_BINARY) --libs libssl libcrypto`"
endif
else
SUDO_CONF_OPTS += --without-ldap
endif
+6 -2
View File
@@ -1,2 +1,6 @@
# From http://download.videolan.org/pub/videolan/vlc/2.2.3/vlc-2.2.3.tar.xz.sha256
sha256 1632e91d2a0087e0ef4c3fb4c95c3c2890f7715a9d1d43ffd46329f428cf53be vlc-2.2.4.tar.xz
# From http://get.videolan.org/vlc/2.2.5.1/vlc-2.2.5.1.tar.xz.md5
md5 7ab63964ffec4c92a54deb018f23318b vlc-2.2.5.1.tar.xz
# From http://get.videolan.org/vlc/2.2.5.1/vlc-2.2.5.1.tar.xz.sha1
sha1 042962dba68e1414aa563883b0172ee121cf9555 vlc-2.2.5.1.tar.xz
# From http://get.videolan.org/vlc/2.2.5.1/vlc-2.2.5.1.tar.xz.sha256
sha256 b28b8a28f578c0c6cb1ebed293aca2a3cd368906cf777d1ab599e2784ddda1cc vlc-2.2.5.1.tar.xz
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
VLC_VERSION = 2.2.4
VLC_VERSION = 2.2.5.1
VLC_SITE = http://get.videolan.org/vlc/$(VLC_VERSION)
VLC_SOURCE = vlc-$(VLC_VERSION).tar.xz
VLC_LICENSE = GPLv2+, LGPLv2.1+
+1 -1
View File
@@ -28,7 +28,7 @@ config BR2_TOOLCHAIN_USES_MUSL
select BR2_TOOLCHAIN_HAS_THREADS
select BR2_TOOLCHAIN_HAS_THREADS_DEBUG
select BR2_TOOLCHAIN_HAS_THREADS_NPTL
select BR2_TOOLCHAIN_SUPPORTS_PIE
select BR2_TOOLCHAIN_SUPPORTS_PIE if !BR2_STATIC_LIBS
choice
prompt "Toolchain type"
@@ -480,6 +480,8 @@ ifeq ($(BR2_i386),y)
MUSL_ARCH = i386
else ifeq ($(BR2_ARM_EABIHF),y)
MUSL_ARCH = armhf
else ifeq ($(BR2_mips):$(BR2_SOFT_FLOAT),y:y)
MUSL_ARCH = mips-sf
else ifeq ($(BR2_mipsel):$(BR2_SOFT_FLOAT),y:y)
MUSL_ARCH = mipsel-sf
else ifeq ($(BR2_sh),y)
+3 -1
View File
@@ -21,8 +21,10 @@ TOOLCHAIN_ADD_TOOLCHAIN_DEPENDENCY = NO
# IFF_DORMANT and IFF_ECHO, add another macro to suppress them in the
# kernel header, and avoid macro/enum conflict.
#
# Kernel version 3.12 introduced the libc-compat.h header.
#
# [1] http://www.openwall.com/lists/musl/2015/10/08/2
ifeq ($(BR2_TOOLCHAIN_USES_MUSL),y)
ifeq ($(BR2_TOOLCHAIN_USES_MUSL)$(BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12),yy)
define TOOLCHAIN_MUSL_KERNEL_HEADERS_COMPATIBILITY_HACK
$(SED) 's/^#if defined(__GLIBC__)$$/#if 1/' \
$(STAGING_DIR)/usr/include/linux/libc-compat.h